Usual (USD0 / bUSD0 / USUAL)
RWA-backed stablecoin issuer issuing USD0 (1:1 collateralized by short-duration tokenized T-bills: Hashnote USYC, Spiko USTBL, M by M0) and bUSD0 (formerly USD0++, a ~4-year locked bond form of USD0 maturing 2028-06-11), with USUAL as the governance/value-accrual token and a Snapshot DAO governance layer.
Deployments: Ethereum · $104.8M
Risk profile at a glance
1 red · 4 yellow · 8 green
Categories & evidence
184 factors · 13 categories

Code & audits · Green · 5 · 25 of 25
RD-F-001 yellow Audit scope mismatch Seven firms, 20+ engagements cover all major contracts across upgrade cycles. Private 'pegasus' repo blocks independent commit-SHA-to-bytecode verification. December 2024 DaoCollateral/SwapperEngine upgrade and post-May-2025 exploit remediation represent post-audit-coverage windows that cannot be independently verified. Subsequent audits (Cantina Phase 1+2 Oct 2024, Halborn Nov 2024, Spearbit Jan 2025, Sherlock #832 March 2025 $209.5K pool) were staged to cover each upgrade cycle, but the private repo prevents confirming that the audit-scope commit matches the deployed bytecode.
RD-F-002 yellow Audit recency Most recent audit recorded is Sherlock/Hexens/Halborn for sUSD0, sEUR0, RDM, USD0a in November 2025. Core USD0/bUSD0/DaoCollateral covered by July 2025 Spearbit+Sherlock bUSD0 burn-redemption upgrade audit. Approximately 6 months since last core-contract audit as of 2026-05-17. No 2026 audits listed. Borderline — July 2025 covers the most economically critical contract changes.
RD-F-023 yellow Constructor calls _disableInitializers() bUSD0 impl: confirmed _disableInitializers() in constructor. DaoCollateral impl: confirmed. USD0 impl: likely present per description. USUAL impl: ambiguous per Etherscan description. Registry impl (0x81221180): appears NOT to call _disableInitializers() — inconsistent application of OZ best practice across the implementation set. Critical-path contracts (USD0, bUSD0, DaoCollateral) are properly protected.
RD-F-003 gray Resolved-without-proof findings Private 'pegasus' repo means audit PDFs cannot be cross-referenced against on-chain changes. The multiple upgrade transactions (Dec 2024, post-May-2025 exploit) are consistent with remediating audit findings, but no PR/commit trail exists to verify resolution of specific flagged findings. Audits by Cantina, Sherlock, Halborn, Spearbit likely included tracked findings, but resolution cannot be independently confirmed.
RD-F-009 gray Formal verification coverage No formal verification engagement found. Certora SecurityReports GitHub (github.com/Certora/SecurityReports) shows no Usual/USD0 entries. No Halmos or Kani disclosures found. Usual-dao GitHub org has only 6 public integration-fork repos with no FV tooling. Private repo prevents confirming or denying internal FV use.
RD-F-010 gray Static-analyzer high-severity count No public Slither/Mythril/Semgrep output for Usual. Private repo prevents independent static analysis. The May 2025 $43K exploit (USD0++ arbitrage at 1:1 rate) confirms at least one logic vulnerability survived the multi-firm audit program. Audit firms' internal static analysis results are not publicly available.
RD-F-016 gray Divide-before-multiply pattern No published Slither output. Private repo prevents independent Slither run. Tier-1 audit firms routinely check this but no specific finding summary is public.
RD-F-017 gray Mixed-decimals math without explicit scaling USD0 is 18-decimal ERC-20; USYC/USTBL may have different decimal configurations. DaoCollateral must normalize RWA collateral pricing. No specific finding on missing normalization in any public audit summary. Private repo prevents independent inspection.
RD-F-021 n/a UUPS _authorizeUpgrade correctly permissioned All core contracts use OpenZeppelin TransparentUpgradeableProxy (EIP-1967), NOT UUPS. UUPS _authorizeUpgrade gate check is structurally inapplicable. TransparentProxy authorization is gated at ProxyAdmin level (governance multisig).
RD-F-004 green Audit count Seven distinct audit firms confirmed: Cantina (public Pegasus competition + multiple private reviews), Paladin (L2 OFT adapters), Halborn (Nov 2024, March 2025, May 2025, Nov 2025), Sherlock (contests #575 + #832 + dedicated engagements), Blackthorne (Dec 2024), Spearbit (Jan 2025 onward), Hexens (May 2025, Nov 2025). Cantina and Sherlock confirmed via own contest pages. 7 independent firms is an exceptionally high count.
RD-F-005 green Audit firm tier All 7 firms are Tier-1 or Tier-2: Cantina/Spearbit (Tier-1, Spearbit is top managed-review arm via Cantina), Sherlock (Tier-1 leading platform), Halborn (Tier-1 major firm), Hexens (Tier-2 established European firm), Paladin (Tier-2), Blackthorne (boutique). No unknown or low-quality firms.
RD-F-006 green Audit-to-deploy gap Cantina Pegasus competition ended June 28, 2024; mainnet launch July 10, 2024 — 12 days. October 2024 Cantina Phase 1+2 to December 2024 DaoCollateral/SwapperEngine upgrade: approximately 6-8 weeks. All upgrade-to-audit sequences appear within the 60-day drift threshold. No evidence of deploy-ahead-of-audit pattern.
RD-F-007 green Bug bounty presence & max payout Sherlock bug bounty #56: $16M max payout USDC, live since April 8, 2025 — one of the largest bug bounty programs in DeFi history. Additionally, tech.usual.money/security-and-audits/bug-bounty lists direct disclosure channel (security@usual.company) with severity matrix. Two-channel program.
RD-F-008 green Ignored bounty disclosure No evidence of pre-exploit bounty disclosure that was ignored. The May 2025 $43K USD0++ exploit was detected by BlockSec (external monitoring), not via a bounty report. The team paused within one hour and stated no user funds were drained. No post-mortem evidence of prior disclosure rejection.
RD-F-011 green SELFDESTRUCT reachable from non-admin path Contracts compiled with Solidity 0.8.20/0.8.22 and Shanghai/Paris EVM targets. EIP-6780 (Shanghai) restricts selfdestruct to contracts created in the same transaction, effectively neutralizing this vector. All contracts use upgradeable proxy pattern without self-destruct functionality.
RD-F-012 green delegatecall with user-controlled target No evidence of user-controlled delegatecall. All contracts use OZ Transparent Proxy where delegatecall target is admin-controlled. No audit findings referencing this class.
RD-F-013 green Arbitrary call with user-controlled target No evidence of unrestricted external call patterns. DaoCollateral uses controlled addresses for RWA token interactions. May 2025 exploit was a logic/arbitrage bug, not a call-injection exploit.
RD-F-014 green Reentrancy guard on external-calling functions DaoCollateral confirmed as using ReentrancyGuardUpgradeable (Etherscan source). bUSD0 uses ReentrancyGuardUpgradeable. USD0 is an ERC-20 token (no external call risk). Reentrancy guards consistently applied across core protocol contracts.
RD-F-015 green ERC-777/1155/721 hook without reentrancy guard USD0, bUSD0, USUAL are ERC-20 tokens (no callback hooks). DaoCollateral integrates USYC, USTBL, M (ERC-20 RWA tokens) and USDC — no ERC-777/1155/721 token standards in integration set. No callback-hook risk.
RD-F-018 green Signed/unsigned arithmetic confusion Solidity 0.8.x has built-in overflow/underflow checks eliminating the most common signed/unsigned confusion vectors. Extensive seven-firm audit coverage makes surviving arithmetic confusion unlikely.
RD-F-019 green ecrecover zero-address return unchecked USD0 uses ERC20PermitUpgradeable (OZ standard with proper ecrecover guards). DaoCollateral uses NoncesUpgradeable for replay protection. OZ standard implementations include address(0) guard. No auditor-reported finding on this class.
RD-F-020 green EIP-712 domain separator missing chainId DaoCollateral uses EIP712Upgradeable (OZ, includes chainId in domain separator). USD0 uses ERC20PermitUpgradeable (also includes chainId). OZ's EIP-712 implementation correctly handles chain separation.
RD-F-022 green Public initialize() without initializer modifier bUSD0 impl (0x9F2BD21): constructor calls _disableInitializers(); initializeV3 uses the initializer modifier — CLEAN. DaoCollateral impl (0x0eEc861): constructor calls _disableInitializers(); uses initializeV2 — CLEAN. USD0 impl (0xAe12F6F): uses initializeV2 with Initializable guard — CLEAN per Etherscan description. USUAL impl: likely CLEAN. Registry impl (0x81221180) does not visibly call _disableInitializers() — residual low-severity concern on a non-fund-holding contract. Critical financial contracts are properly guarded.
RD-F-024 green Code complexity vs audit coverage 20+ audit engagements over 18 months with 7 firms. Cantina Pegasus had 346 findings submitted ($80K pool) — high engagement indicating deep community scrutiny. Sherlock #832 had $209.5K pool. The May 2025 $43K exploit shows one edge case survived but was caught quickly via external monitoring.
RD-F-183 green Bug bounty scope gap on highest-TVL contracts Sherlock bug bounty #56 ($16M max USDC, live since April 8, 2025) covers USD0, USD0PP (bUSD0), DaoCollateral, RegistryAccess, RegistryContract, ClassicalOracle, SwapperEngine, TokenMapping, UsualM, UsualUSDtb, EulerOracle, USUAL, USUALx, DistributionModule, YieldModule — Ethereum mainnet only. L2 OFT adapters (Arbitrum, Base, BNB Chain) are explicitly out of scope. The L1OFTAdapter appears likely in scope under 'Core Stablecoin Protocol' but was not independently verifiable from the Sherlock page. Main TVL is on Ethereum mainnet contracts — all covered by the bounty. No critical scope gap on highest-TVL contracts identified.
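For readers checking RD-F-022 and RD-F-023 against their own implementations, the following is an added illustration of the OpenZeppelin pattern those two factors test for; it is not Usual's code, and the contract, function and storage names are hypothetical. The guarded contract locks the implementation in its constructor and initializes proxy storage exactly once; the unguarded contract beside it shows what a failing check looks like.

```solidity
// Added illustration (not Usual's code). Contract and function names are hypothetical.
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";

// Passing pattern for RD-F-022 / RD-F-023: implementation is locked, proxy storage
// is initialized once, and each upgrade that adds storage gets its own reinitializer.
contract GuardedImplementationExample is Initializable {
    address public registryAccess;
    uint256 public floorPrice;

    /// @custom:oz-upgrades-unsafe-allow constructor
    constructor() {
        // Marks the implementation contract itself as fully initialized, so nobody
        // can call initialize() on the bare implementation and claim its roles.
        _disableInitializers();
    }

    // Runs once, through the proxy (delegatecall), on first deployment.
    function initialize(address registryAccess_) external initializer {
        require(registryAccess_ != address(0), "registry is zero");
        registryAccess = registryAccess_;
    }

    // Runs once per new version, through the proxy, after an upgrade that adds
    // the floorPrice storage slot. The version number prevents it from running twice.
    function initializeV2(uint256 floorPrice_) external reinitializer(2) {
        floorPrice = floorPrice_;
    }
}

// Failing pattern for contrast: no constructor guard and a bare public initialize().
// It can be called on the implementation directly, and, lacking the `initializer`
// modifier, called repeatedly on the proxy to overwrite whatever admin was stored.
contract UnguardedImplementationExample {
    address public admin;

    function initialize(address admin_) external {
        admin = admin_;
    }
}
```

When reviewing a verified implementation on Etherscan, the two things to look for are the `_disableInitializers()` call inside the constructor and an `initializer` or `reinitializer(n)` modifier on every externally callable initialize function; the Registry implementation noted above is the one where the report could not see the first of these.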
Governance & admin · Yellow · 37 · 24 of 24
RD-F-028 red Low-threshold multisig vs TVL CRITICAL: ProxyAdmin Safe threshold is unknown (not in data cache; 27 lifetime txs). No timelock exists (timelock_address: null). At $104.77M TVL, a multisig with unknown threshold and NO timelock is insufficient. The lowest treasury Safe is 3/7. Whether the upgrade-authority Safe is similarly low-threshold is unverifiable from public data — assessed red on structural opacity combined with confirmed absence of timelock protection.
RD-F-032 red Timelock duration on upgrades No timelock exists. Cache: governance.timelock_address = null, timelock_delay_seconds = null. All proxy upgrades execute immediately upon multisig threshold being reached. Etherscan constructor arg analysis on USD0 and DaoCollateral proxies confirms no timelock in admin chain. Red at $104.77M TVL stablecoin.
RD-F-033 red Timelock on sensitive actions No sensitive action (upgrade, mint, pause, oracle-set, floor-price-update, emergencyWithdraw) is timelocked. Role-gating via RegistryAccess is the sole control mechanism. The January 2025 floor price change demonstrated that economically-significant parameter changes can be activated immediately without delay — the FLOOR_PRICE_UPDATER_ROLE can act with no on-chain queue.
RD-F-041 red Rescue/emergencyWithdraw without timelock bUSD0 implementation (0x9F2BD21...) contains emergencyWithdraw(address safeAccount) function — confirmed from Etherscan source. No timelock exists (timelock_address: null). Callable by credentialed role with immediate effect. Full drain of accumulated bUSD0 balances to a designated address in one transaction with no waiting period.
RD-F-025 yellow Admin key custody type Hybrid custody: ProxyAdmin is Gnosis Safe 0xaaDa24...; three treasury Safes (8/15, 6/11, 3/7); Snapshot DAO off-chain. No on-chain timelock. Multisig-only without timelock is yellow for a $104.77M stablecoin.
RD-F-026 yellow Upgrade multisig signer configuration (M/N) Treasury Safes: 8/15 (collateral), 6/11 (yield), 3/7 (longterm) — confirmed via Safe API. ProxyAdmin Safe 0xaaDa24... threshold and owner count NOT retrieved (Etherscan confirms Safe contract but data cache did not enumerate this 4th Safe). Upgrade authority threshold is unknown — assessed yellow on gap.
RD-F-034 yellow Guardian/pause-keeper distinct from upgrader Multiple pause roles exist (PAUSING_CONTRACTS_ROLE, per-contract pause). Whether these are assigned to addresses distinct from the ProxyAdmin Safe is unconfirmed — RegistryAccess DEFAULT_ADMIN is the same Safe (0xaaDa24...) that controls upgrades. Role separation at contract level exists; at admin level, it collapses to one Safe.
RD-F-035 yellow Role separation: upgrade ≠ fee ≠ oracle Role separation at contract level: USD0_MINT, PAUSING_CONTRACTS_ROLE, BLACKLIST_ROLE, FLOOR_PRICE_UPDATER_ROLE, FEE_SWEEPER_ROLE are distinct roles. However, DEFAULT_ADMIN_ROLE holder (ProxyAdmin Safe 0xaaDa24...) can grant all roles to any address — single-point-of-control at admin layer despite role diversity at contract layer.
RD-F-038 yellow Proposal execution delay < 24h No on-chain governor or proposal execution queue. Multisig executes immediately after reaching threshold — effectively 0h delay between decision and execution. Factor targets on-chain governor delay specifically; off-chain Snapshot + immediate multisig execution is a structural gap that doesn't fit the green/red definition exactly. Assessed yellow as structural concern without on-chain queuing.
RD-F-040 yellow Emergency-veto multisig present No documented emergency-veto multisig. Protocol has PAUSING_CONTRACTS_ROLE for circuit-breaker pause. Usual blog Jan 2025 referenced a 'veto threshold' in future governance design but no dedicated veto contract or multisig identified on-chain. Snapshot veto model (USUALx holders veto proposals) is described post-Jan 2025 but is not an on-chain emergency control.
RD-F-042 yellow Admin has mint() with unlimited max USD0 has mint(address to, uint256 amount) gated by USD0_MINT role with economic constraint (AmountExceedBacking error — collateral-backed 1:1). No hard uint256 MAX_SUPPLY constant at token level. USUAL token has mint() role-gated. The RWA-backing constraint is economic/protocol-level, not an immutable on-chain ceiling enforced at the token contract. Yellow — economic cap present but not a hard on-chain limit.
RD-F-029 gray Multisig signers co-hosted Signer addresses for all 3 treasury Safes are enumerated (15 + 11 + 7 EOAs). No ASN/datacenter co-hosting inference possible from on-chain data. ProxyAdmin Safe signers unknown. OSINT gap — not fully assessed.
RD-F-030 gray Hot-wallet signer flag Some signer addresses appear across multiple treasury Safes (e.g., 0xFe45baf0... in both collateral and yield Safes), suggesting active multi-role participants. On-chain tx pattern analysis for hot-wallet behavior not performed. OSINT gap.
RD-F-031 gray Signer rotation recency No signer rotation events identified in data cache or 90-day lookback. ProxyAdmin Safe signer rotation: not assessable (threshold/signers unknown). Treasury Safe signer rotation: no events surfaced.
RD-F-037 n/a Quorum achievable via single-entity flash loan No on-chain governor exists (Snapshot only). Flash-loan quorum attack vector does not apply to off-chain Snapshot voting systems.
RD-F-044 gray Admin wallet interacts with flagged addresses No OFAC/mixer-interaction evidence identified for treasury Safe addresses or ProxyAdmin Safe. Deployer funded_by: null in cache (not retrieved). Full OSINT not performed.
RD-F-045 gray Constructor args match governance proposal No on-chain governance proposals with constructor args exist (Snapshot only, off-chain). No deploy-governance proposal mechanism to compare args against. Cannot assess.
RD-F-047 gray Governance token concentration (Gini) USUAL is the governance voting asset (USUALx = 80%, bUSD0 = 20% per docs). No on-chain holder scan performed. No third-party Gini analysis found. Supply is known to be concentrated at launch (protocol-held portions). Full assessment requires on-chain holder enumeration.
RD-F-027 green Single admin EOA ProxyAdmin is Gnosis Safe 0xaaDa24... (Smart Account by Safe, Singleton 1.3.0) — NOT a bare EOA. Deployer 0xab175f3... (labeled 'Usual: Deployer') transferred control at deploy time. No bare-EOA admin at any core contract.
RD-F-036 green Flash-loanable voting weight USUAL token does NOT implement ERC20Votes checkpoints (confirmed: ERC20PermitUpgradeable only, no delegate() or getPastVotes()). Snapshot governance is off-chain and block-snapshot-based by design — cannot be manipulated by same-block flash loans. No on-chain governor exists (cache: governor_address = null).
RD-F-039 green delegatecall/call in proposal execution without allowlist No on-chain governance executor contract exists. Multisig executes Safe transactions directly — no proposal execution path involving delegatecall with proposal-supplied targets. Risk is absent by architecture (though the architecture is itself centralized).
RD-F-043 green Admin = deployer EOA after 7 days Deployer 0xab175f3ed4e9e021fa491ae12c7a08d85b27feef (labeled 'Usual: Deployer') is not the current admin. All proxies have initialOwner = 0xaaDa24... (Safe). Protocol deployed May 23, 2024 — over 12 months ago; no deployer EOA retained as admin past 7 days.
RD-F-046 green Contract unverified on Etherscan/Sourcify All core contracts source-verified on Etherscan: USD0 proxy, USD0 impl, bUSD0 proxy, bUSD0 impl, USUAL proxy, USUAL impl, DaoCollateral proxy, DaoCollateral impl, SwapperEngine, Registry, RegistryAccess. Verified at or shortly after launch (May 2024 onward).
RD-F-167 green Deprecated contract paused but pause reversible by live admin No deprecated contracts with retained live admin pause identified. DaoCollateral has pauseSwap()/pauseRedeem() but is a live, non-deprecated contract. Protocol has not deprecated any major contract without fully sunsetting. All identified contracts in §3 of profile are live or have been fully upgraded (proxy address retained).
Oracle & external dependencies · Yellow · 33 · 17 of 17
RD-F-051 red Fallback behavior on oracle failure No fallback oracle for any collateral asset. ClassicalOracle has a single data source per token (one Chainlink/Hashnote feed). If USYC NAV oracle reverts or returns stale data, no secondary source is consulted. CBR (Collateral Backing Ratio) is admin-activatable but requires human intervention — it is NOT an automatic oracle fallback. When ClassicalOracle fails, the minting/redeeming path halts with no degraded-mode backup.
RD-F-059 red Oracle staleness check present Oracle staleness check is MISSING from live price reads. Two Sherlock audit findings confirm: (1) Oct 2024 Sherlock audit 2024-10-usual-labs-v1-judging Issue #8: USYC oracle latestRoundData called without checking updatedAt for staleness; (2) Feb 2025 Sherlock audit 2025-02-usual-labs-judging Issue #106: UsualOracle#_latestRoundData() lacks staleness verification — 'the timeout is not stored and the _latestRoundData() function lacks this verification, potentially leading to return of stale values.' The initializeTokenOracle timeout parameter is checked ONCE at initialization only, per tech docs: 'this check is only performed once.' Live oracle reads proceed without staleness validation. A stale USYC price could enable profitable arbitrage draining protocol (Feb 2025 finding estimated ~98,900 USD profit from single stale-price exploit).
RD-F-049 yellow Oracle role per asset USYC: Primary — Hashnote custom IAggregator oracle. USDC: Primary — Chainlink USDC/USD. USDT: Primary — Chainlink USDT/USD. USD0: Primary — Chainlink USD0/USD (external reference). USD0 in SwapperEngine: hardcoded as $1. No secondary or fallback oracle for any asset. Single oracle per token is a yellow finding given the dominance of USYC collateral.
RD-F-050 yellow Dependency graph (protocols depended upon) Protocol depends on: (1) Hashnote (USYC NAV oracle + BNY Mellon custody — ~83% of collateral), single point of failure for collateral backing; (2) Spiko (USTBL); (3) M0 Foundation (M token); (4) Chainlink (price feeds); (5) LayerZero Endpoint V2 (OFT cross-chain); (6) Chainlink CCIP (USUAL cross-chain). USYC/Hashnote dependency is dominant and concentrated. Yellow because failure of any single dependency degrades protocol; red avoided because collateral is fully backed (not leveraged) so failure mode is operational halt rather than immediate insolvency.
RD-F-052 yellow Breakage analysis per dependency Breakage scenarios documented: (1) USYC oracle fails → stale collateral price accepted (no auto-pause) → minting at wrong ratio → undercollateralization risk; (2) Chainlink USDC/USD fails → SwapperEngine USDC minting halts; (3) DVN compromised (if 1/1) → synthetic cross-chain USD0 mint; (4) USYC custody pause → USD0 notionally backed but not redeemable. Yellow because these are conditional failures, not structural collapse paths for a fully-collateralized design.
RD-F-057 yellow Circuit breaker on price deviation CBR (Collateral Backing Ratio) mechanism exists via admin-callable activateCBR(uint256 coefficient) on DaoCollateral. It is NOT automatic — requires admin (multisig) to invoke. For stablecoins, ClassicalOracle's isStablecoin=true path reverts getPrice/getQuote if price deviates from $1 — this IS an automatic circuit breaker for stablecoin collateral (USDC, USDT). No automatic circuit breaker for USYC NAV oracle deviation. Yellow: partial circuit breaker (automatic for stablecoins, manual-only for RWA NAV oracle).
RD-F-060 yellow Chainlink aggregator min/max bound misconfig USYC uses a Hashnote custom aggregator — not a standard Chainlink feed with published minAnswer/maxAnswer. Chainlink USDC/USD and USDT/USD are standard stablecoin feeds with tight bounds. ETH/USD feed (0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419) is in the data cache oracle_feeds but its actual consumption by DaoCollateral is unconfirmed — the profile notes this may be a broad registry query result. Yellow because: USYC custom aggregator bounds are unknown and cannot be verified as non-misconfigured; stablecoin feeds appear standard.
RD-F-180 yellow Immutable oracle address ClassicalOracle is a TransparentUpgradeableProxy — oracle source addresses are stored in upgradeable storage via initializeTokenOracle mapping and ARE admin-replaceable. The ★ red criterion for F180 is the immutable-address pattern (address cannot be swapped without full upgrade). Usual's ClassicalOracle passes this test — address IS replaceable, so the core F180 failure mode (lending protocol cannot reprice post-depeg) is avoided. YELLOW because: (1) oracle addresses ARE replaceable (good), but (2) the missing live staleness guard (F059 red) means even correct oracle addresses can pass through stale data undetected; (3) no timelock on oracle address changes (admin can instantly re-point to a different feed). Not red because replaceability criterion is met.
RD-F-054 n/a TWAP window duration No TWAP-based oracle used by Usual. All oracles are Chainlink push-based or NAV-push. TWAP window measurement is not applicable to push-feed architecture.
RD-F-055 n/a Oracle pool depth (USD) No DEX pool feeds pricing for Usual. Chainlink push feeds are used for stablecoins; Hashnote NAV oracle for USYC. Pool depth for a DEX oracle is not a relevant metric for this architecture.
RD-F-056 n/a Single-pool oracle (no medianization) No DEX pool oracle in use. Factor specifically targets single-pool DEX oracle with no medianization across venues. Chainlink feeds are themselves multi-node aggregated. Not applicable because the vulnerability class (single DEX venue manipulation) does not apply to push-feed architecture.
RD-F-058 gray Max-deviation threshold (bps) CBR coefficient value not disclosed publicly. setMaxDepegThreshold bps value not published in docs. On-chain read required (cbrCoef() call on DaoCollateral) to retrieve current value. Not assessed within evidence budget.
RD-F-181 n/a Permissionless-pool lending oracle Usual is a stablecoin issuer (RWA-backed), not a lending protocol. DaoCollateral uses a whitelisted set of RWA tokens as collateral (USYC, USTBL, M) — not permissionless pool creation. F181 specifically targets lending protocols that accept spot prices from permissionlessly-created DEX pools. Not applicable by protocol type.
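To make the RD-F-059 finding concrete for reviewers, here is an added illustration of the difference between a price read that only checked a timeout at registration time and one that enforces the stored timeout on every call. This is example code written for this page, not Usual's ClassicalOracle or UsualOracle; the contract, struct and function names are hypothetical, and only the Chainlink-style latestRoundData() tuple is real.

```solidity
// Added illustration (not Usual's code). Contract, struct and function names are hypothetical.
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Standard Chainlink-compatible aggregator surface (the Hashnote NAV oracle described
// on this page exposes an IAggregator-compatible interface of the same shape).
interface IAggregatorV3 {
    function decimals() external view returns (uint8);
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

contract StalenessGuardedOracleExample {
    error StalePrice(address feed, uint256 updatedAt, uint256 timeout);
    error InvalidPrice(address feed, int256 answer);
    error IncompleteRound(address feed);

    struct FeedConfig {
        IAggregatorV3 feed;
        uint64 timeout; // max accepted age of the latest answer, in seconds
    }

    mapping(address => FeedConfig) public feeds; // token => feed configuration

    // Registration stores the timeout so that it can be enforced on every read.
    // The finding on this page describes the weak variant: timeout validated once
    // here and never consulted again. Access control omitted for brevity.
    function _setFeed(address token, IAggregatorV3 feed, uint64 timeout) internal {
        require(address(feed) != address(0), "feed is zero");
        require(timeout > 0, "timeout is zero");
        feeds[token] = FeedConfig(feed, timeout);
    }

    // Weak pattern: nothing about freshness is checked, so a feed that stopped
    // updating keeps "pricing" the asset at its last answer indefinitely.
    function getPriceUnchecked(address token) external view returns (uint256) {
        (, int256 answer,,,) = feeds[token].feed.latestRoundData();
        return uint256(answer);
    }

    // Hardened pattern: sign, round completeness and age are checked on every read,
    // and a stale or broken feed reverts instead of silently returning old data.
    function getPrice(address token) external view returns (uint256 price, uint8 priceDecimals) {
        FeedConfig memory cfg = feeds[token];
        (uint80 roundId, int256 answer,, uint256 updatedAt, uint80 answeredInRound) =
            cfg.feed.latestRoundData();

        if (answer <= 0) revert InvalidPrice(address(cfg.feed), answer);
        if (answeredInRound < roundId) revert IncompleteRound(address(cfg.feed));
        if (updatedAt == 0 || updatedAt > block.timestamp || block.timestamp - updatedAt > cfg.timeout) {
            revert StalePrice(address(cfg.feed), updatedAt, cfg.timeout);
        }
        return (uint256(answer), cfg.feed.decimals());
    }
}
```

The revert in the hardened path is what turns a silent stale read into the "operational halt" failure mode the RD-F-050 rationale prefers over undercollateralized minting; a monitoring rule that alerts on repeated StalePrice reverts is the natural operational complement.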
RD-F-048 green Oracle providers used Three oracle providers identified: Chainlink (USDC/USD 0x8fFfFfd4AfB6115b954Bd326cbe7B4BA576818f6, USDT/USD 0x3E7d1eAB13ad0104d2750B8863b489D65364e32D, USD0/USD 0x7e891DEbD8FA0A4Cf6BE58Ddff5a8ca174FebDCB), Hashnote custom IAggregator-compatible oracle for USYC NAV, and the internal ClassicalOracle aggregation layer. No Pyth, no RedStone, no Uniswap TWAP oracle.
RD-F-053 green Oracle source = spot DEX pool (no TWAP) No spot DEX pool oracle used. All collateral pricing goes through ClassicalOracle which uses Chainlink IAggregator-compatible interfaces (push-based feeds) or Hashnote custom NAV oracle. USD0 peg in SwapperEngine is hardcoded at $1 (not derived from a DEX pool). DaoCollateral ABI shows no Uniswap/Curve pool calls. TWAP exploitation vector does not apply.
RD-F-061 green LP token balanceOf used for pricing No LP token balanceOf pricing identified. ClassicalOracle prices individual tokens via aggregator interfaces (Chainlink IAggregator or equivalent). USD0 is not priced via DEX pool balanceOf. No Curve/Uniswap LP token interaction in DaoCollateral ABI.
RD-F-062 green External keeper/relayer not redundant Core USD0 minting/redeeming is user-triggered via DaoCollateral; no external keeper required for core operations. CBR activation is admin-triggered (multisig), not an automated keeper dependency. No Gelato, Chainlink Automation, or similar keeper identified for the oracle/minting path. LayerZero executor (for OFT cross-chain) is a Cat 10 concern, not Cat 3.
Economic risk · Red · 50 · 13 of 13
RD-F-063 red TVL (current + 30d trend) TVL $104.77M as of 2026-05-16; 30-day change -2.65%; 90-day CoV 0.029 (stable). However, the protocol collapsed ~94% from a $1.87B peak on 2025-01-07 to current $104.77M — triggered by the unilateral bUSD0/USD0++ floor-price introduction in January 2025 without prior DAO vote. bUSD0 fell to $0.89 on secondary markets; cascading liquidations occurred on Morpho (LLTV 86% near the $0.87 floor); Curve USD0/USD0++ pool swung to ~92% imbalance. TVL collapse of this magnitude and origin from a governance-triggered economic-design failure is a severe red signal. Current stability reflects post-crisis floor, not recovery.
RD-F-064 yellow TVL concentration (top-10 wallet share) On-chain top-10 depositor wallet share not quantified (Dune queries return 403; on-chain scan not performed). Structural concentration risks: (1) 100% of USD0 collateral backing is held in a single 8-of-15 Gnosis Safe at 0xdd82875f0840AAD58a455A70B88eEd9F59ceC7c7; (2) bUSD0 holders are locked until June 2028 maturity, creating a trapped-concentration cohort; (3) primary collateral is concentrated in a single provider (USYC/Hashnote, ~83.96% of treasury per profile). USD0 ($557M supply) likely distributed broadly. Yellow for structural concentration in collateral custody and bUSD0 lockup cohort; USD0 depositor concentration unquantified.
RD-F-065 yellow Liquidity depth per major asset USD0 ($557M supply) trades on Curve and Uniswap V3 and is currently near peg ($0.9981); depth appears adequate under normal conditions. bUSD0 secondary market depth is thin: floor price mechanism ($0.92 current, was $0.87 initially) bounds the downside but constrains the secondary market. Curve USD0/USD0++ pool swung to ~92% imbalance during January 2025 depeg, demonstrating liquidity depth fails under stress. Exact 2%/5% DEX depth not quantified (Dune 403). Yellow: USD0 depth appears adequate normally but failed in stress (Jan 2025); bUSD0 depth structurally thin due to floor gating and maturity lock.
RD-F-069 yellow Algorithmic / under-collateralized stablecoin USD0 (base stablecoin) is fully collateralized 1:1 by tokenized T-bills (USYC ~83.96%, USTBL ~16.04%); not algorithmic or under-collateralized. However, bUSD0 (formerly USD0++, the locked bond layer) introduces a novel economic risk: (1) bUSD0 holders cannot exit 1:1 unconditionally before June 11, 2028 maturity — they must either forfeit all accrued USUAL rewards (conditional 1:1 exit) or accept a floor price ($0.87 initial, raised to $0.92 per Jan 23 blog post, current docs); (2) this floor mechanism was introduced WITHOUT prior DAO vote on January 9-10, 2025; (3) bUSD0 fell to $0.89 in secondary markets immediately after the announcement; (4) the Morpho vault LLTV of 86% sat just below the $0.87 floor, triggering cascading liquidations. Not pure-algorithmic (no LUNA-class reflexivity), but the forced-discount exit from a locked bond without governance approval is a demonstrated economic-design failure. YELLOW: USD0 layer is green (fully backed); bUSD0 layer adds a demonstrated-failu
RD-F-066 n/a Utilization rate (lending protocols) Usual is not a lending protocol. No borrowable markets exist. DaoCollateral issues USD0 vs. RWA collateral deposits; this is not a supply/borrow market. DefiLlama borrow section: borrow.present=false, total_borrowed_usd=null. Not_applicable per PD-024 (lending-only factor).
RD-F-067 n/a Historical bad-debt events Not_applicable per PD-024 (lending-only factor). Usual has no lending markets and therefore cannot generate bad debt in the lending sense. Third-party protocols (Morpho) that used bUSD0 as collateral experienced bad debt during January 2025 — that is Morpho's bad-debt exposure, not Usual's. USD0 itself remained fully collateralized throughout. No instances of Usual failing to honor USD0 redemption documented.
RD-F-068 n/a Collateralization under stress Not_applicable per PD-024 (lending-only factor — collateralization ratio < 110% under stress scenario for lending protocol LTV). USD0 has a collateral dimension (100% T-bill backed) but the factor definition targets lending-protocol collateralization (net collateral vs. outstanding borrows under stress). Usual has no borrows. The RWA backing integrity of USD0 is assessed under RD-F-069.
RD-F-070 n/a Empty cToken-style market (zero supply/borrow) NOT APPLICABLE — Usual is not a Compound V2 fork. No cToken-style borrow markets exist. The critical ★ flag does not apply. Profile §5 confirms original design with no upstream fork lineage. DefiLlama borrow.present=false confirms no lending surface.
RD-F-071 n/a Seed-deposit requirement for new market listing Not_applicable per PD-024 (lending-only factor). Usual has no borrow markets to list; the seed-deposit requirement for new-market listing does not apply. DaoCollateral issues USD0 against deposited RWA collateral — there is no market-listing process with or without seed deposits.
RD-F-072 n/a Market-listing governance threshold Not_applicable per PD-024 (lending-only factor). Usual has no borrow markets; market-listing governance threshold does not apply. New collateral types for USD0 backing are governance-controlled but this is assessed under Cat 2 (governance threshold), not Cat 4 market-listing.
RD-F-073 n/a Oracle-manipulation-proof borrow cap Not_applicable per PD-024 (lending-only factor). Usual has no per-asset borrow caps because it has no lending markets. The oracle-manipulation-proof borrow cap pattern does not apply.
RD-F-074 n/a ERC-4626 virtual-share offset (OZ ≥4.9) Not_applicable per PD-024 (lending-only factor) and protocol structure. bUSD0 (formerly USD0++) is a locked bond token, not an ERC-4626 vault. The virtual-share inflation attack requires a share-ratio accounting model (ERC-4626 previewDeposit/convertToShares); bUSD0 is a 1:1 lock-and-mint bond mechanism with no share-ratio computation. USUALx (staked USUAL) may use a vault pattern but that is code-security-analyst scope (Cat 1).
RD-F-075 n/a First-depositor / share-inflation guard Not_applicable per PD-024 (lending-only factor). Same reasoning as RD-F-074: bUSD0 is a 1:1 lock-and-mint bond with no share-ratio accounting. There is no first-depositor share-inflation attack surface. DaoCollateral mint path issues USD0 1:1 against collateral value, not against a share ratio that can be diluted by donation.
Operational history · Yellow · 20 · 15 of 15
RD-F-089 red Insurance coverage active No active third-party smart-contract coverage (TVL insurance) from Nexus Mutual, Sherlock Unlimited, or any equivalent provider found for Usual's $104.77M TVL. The Nexus Mutual involvement is specific to backing the $16M Sherlock bug-bounty payout (bug-bounty cover — Nexus Mutual covers 80% of a critical bounty payout), not depositor TVL coverage. Usual docs reference an internal insurance fund (0.33%–5.33% of USD0 supply, ~24-day replenishment) but this is an internal protocol buffer, not third-party coverage per F089 definition.
RD-F-077 yellow Prior exploit count 1 confirmed smart-contract exploit: May 27, 2025 Sky Vault USD0++ → USD0 boundary-condition logic bug (~$42,800 loss). Attacker exploited a permissionless 1:1 swap in the USD0++ unwrap/deposit path during Sky Vault integration, capturing the price-difference arbitrage (~$0.97 market vs $1.00 unwrap rate) using flash loans. Detected by BlockSec Phalcon. Affected vault paused automatically. Exploit count = 1. Scored yellow: single exploit at small scale (~$43K), after Spearbit + Halborn + Cantina pre-audit coverage; not zero, but does not rise to red for a single incident at this loss scale. January 2025 USD0++ floor-price event is NOT an SC exploit and is not counted (governance/economic classification unchanged). Hacksdatabase has no usual-rekt.md — coverage gap flagged for curator.
RD-F-081 yellow Post-exploit response score May 2025 exploit response scored against 5-dimension rubric: (1) Detection: BlockSec Phalcon auto-detected; vault paused automatically within ~1 hour — strong. (2) Public communication: blog published ~1-2 days post-exploit — fast. (3) Root-cause transparency: blog describes 'situational vulnerability' and 'behavioral edge case rather than flawed logic' — somewhat defensive; general description of unwrap/1:1 mechanism without specific code diff at time of publication; promised 'full technical audit diff' deferred to ETA June 3. (4) Remediation: router redeployment committed; caps/guards credited for loss containment; no user funds lost. (5) Auditor re-engagement: not confirmed at post-mortem publication time. Scored yellow: fast operational response, partial transparency quality on root cause and deferred technical diff. Previously not_applicable (zero SC exploits); now graded on merits of May 2025 exploit.
RD-F-083 yellow Auditor re-engaged after last exploit The Sky Vault Arbitrage Recap blog commits to 'final patch review and redeployment of the router (ETA before June 3)' and publication of 'a full technical audit diff and exploit breakdown.' Pre-exploit auditors were Spearbit (Jan + Apr 2025), Halborn (Jan 2025), Cantina (Mar 2025) — none caught the behavioral edge case. Whether a specifically named reputable re-audit engagement was commissioned post-exploit for the patched router is not confirmed in sources available as of 2026-05-17. Scored yellow: remediation committed and router patch planned (consistent with implicit auditor review), but named post-exploit auditor re-engagement not confirmed from primary sources. Previously not_applicable (zero SC exploits); rescored yellow on May 2025 exploit.
RD-F-084 yellow TVL stability (CoV over 90d) Trailing 90-day TVL CoV (2026-02-16 to 2026-05-16) = 0.029 (mean $109.3M, std $3.2M, 90 samples) — mechanically low. However the full-lifecycle context is severe: TVL peaked at $1.87B on 2025-01-07 (ts=1736208000) and collapsed ~94% to ~$104M following the January 2025 USD0++ floor-price governance event. The 90-day window captures only the post-collapse stabilized plateau. The mechanism causing the collapse (locked bUSD0 bond with governance-set floor price) remains in place. The May 2025 exploit (~$43K) was too small to perturb TVL materially. Scored yellow to reflect: current trailing CoV is low, but a catastrophic lifecycle collapse occurred within the past 16 months and the structural risk persists.
RD-F-086 yellow Pause activations (trailing 12 months) One pause activation confirmed in trailing 12 months: the Sky Vault affected-vault pause triggered automatically in response to the May 27, 2025 exploit. This was a security-triggered pause, not an ops failure. Previously scored green (0 pauses in trailing 12 months). Rescored yellow: 1 pause in trailing 12 months; was a legitimate security containment action; pause was brief (router redeployed before June 3, 2025, approximately 1 week after exploit).
RD-F-088 yellow Re-deployed to new addresses in last year Two proxy implementation upgrades are documented: DaoCollateral (proxy 0xde6e1F680C4816446C8D515989E2358636A38b04) impl upgraded 2024-12-17; SwapperEngine (proxy 0xB969B0d14F7682bAF37ba7c364b351B830a812B2) upgraded 2024-12-17. Both predate the trailing-12-month window for the 2026-05-17 assessment date (2025-05-17 to 2026-05-17). Inside the window: the Sky Vault router was redeployed following the May 2025 exploit (ETA June 3), and a bUSD0 implementation upgrade is dated 2025-12-10 in the profile; that date is consistent with RD-F-137 and RD-F-138 (both cite it as the last bUSD0 upgrade) and with the assessment date, but code-security-analyst must confirm it against the on-chain Upgraded event. These are proxy upgrades at existing addresses and a router replacement — material changes to live contracts. Scored yellow: proxy upgrades + post-exploit router redeployment are material; code-security-analyst must verify reinitializer guards (F143) and upgrade-path continuity.
RD-F-076 green Protocol age (days) First mainnet deploy: USD0 proxy at block 19932960 = 2024-05-23. Public launch: 2024-07-10. Assessment date: 2026-05-17. Age from first deploy: ~724 days (~24 months). Clears ≥12-month A-grade eligibility threshold by a wide margin. Protocol survived and continued operating through the January 2025 USD0++ governance event and the May 2025 Sky Vault SC exploit.
RD-F-078 green Chronic-exploit flag (≥3 incidents) Chronic flag requires ≥3 exploits. Only 1 smart-contract exploit on record (May 2025 Sky Vault). Flag does not apply.
RD-F-079 green Same-root-cause repeat exploit Same-root-cause repeat requires ≥2 incidents with matching root cause. Only 1 SC exploit on record (May 2025 boundary-condition unwrap bug). Cannot be triggered. The January 2025 governance event is a different category (economic/governance, not SC exploit) and does not share a root cause with the May 2025 boundary-condition bug.
RD-F-080 green Days since last exploit Most recent SC incident: May 27, 2025 (Sky Vault exploit). Assessment date: 2026-05-17. Days elapsed: ~355 days (~11.7 months). No active incident. Scored green: nearly a full year elapsed, protocol continued operating, router patched and redeployed before June 3, 2025. Previously scored not_applicable (zero SC exploits); rescored green following U3 incorporation of May 2025 exploit.
RD-F-082 green Post-mortem published within 30 days Usual published 'Sky Vault Arbitrage Recap: Contained and Controlled' approximately May 28–29, 2025 — approximately 1–2 days after the May 27, 2025 exploit. This is well within the 30-day post-mortem threshold. The post-mortem is public and addresses the incident timeline, root cause (in general terms), and action plan including router redeployment and technical audit diff publication. Previously not_applicable (zero SC exploits); rescored green on May 2025 exploit.
RD-F-085 green Incident response time (minutes) Last incident is now the May 27, 2025 SC exploit. The affected vault was paused automatically upon BlockSec Phalcon detection — 'within the first hour' per reporting. Automatic pause within ~60 minutes of the first exploit transaction is a strong operational response. Previously scored yellow anchored on the January 2025 governance event (14-day public blog delay). Rescored green: the May 2025 SC exploit is the most recent incident and the automatic containment within <1 hour is the operative measurement for this factor.
RD-F-087 green Pause > 7 consecutive days The May 2025 vault pause was brief: router redeployment was committed before June 3, 2025, roughly one week after the May 27 exploit. The pause did not exceed 7 consecutive days. No other pause recorded in trailing 12 months.
RD-F-166 green Deprecated contracts still holding value No officially-deprecated Usual contract addresses identified. The USD0++ to bUSD0 product rename was a rebrand: the token contract 0x35D8949372D46B7a3D5A56006AE77B215fc69bC0 remains live at the same address — not deprecated. No sunset/end-of-life announcement for any deployed contract found in docs.usual.money or tech.usual.money. All 12 contracts enumerated in the profile §3 are active.
Real-time signals Green 2 22 of 22
RD-F-104 yellow Stablecoin depeg >2% on shared-LP venue bUSD0 (formerly USD0++) trades at $0.9636 (CoinGecko 2026-05-17) — a 3.64% discount to par, above the 2% T-09 threshold, sustained for months since the January 2025 depeg event. USD0 itself trades at $0.9981 (well within the 2% threshold). The suppression question: the bUSD0 floor mechanism (introduced 2025-01-09, DAO-acknowledged per Usual blog 2025-01-23) provides a suppression argument — the discount reflects a structural design feature (locked bond maturing June 11, 2028), not a sudden depeg. Under strict T-09 dependency-map reading, bUSD0 depeg does not directly impair USD0 collateral backing (USD0 is backed by USYC/USTBL, not by bUSD0). Yellow reflects: threshold breach is real, but suppression argument is present; the signal should be flagged 'elevated but suppressed' pending T-09 methodology clarification on whether a DAO-acknowledged floor price constitutes adequate suppression.
RD-F-096 gray New ERC-20 approval to unverified contract from whale Requires live ERC-20 approval scanning against unverified contracts interacting with Usual protocol. Not monitorable in static assessment. No production pipeline implements per-wallet approval monitoring for this protocol.
RD-F-101 n/a Large governance proposal queued Usual uses Snapshot-only governance (off-chain). No on-chain governor contract exists (confirmed: data cache governance.timelock_address = null, governance.type = snapshot_only). The T-09 signal requires on-chain ProposalCreated/ProposalQueued events from a governor contract — these events are never emitted by Usual because there is no on-chain governor. Multisig execution happens directly after a Snapshot vote without an on-chain queued state.
RD-F-103 gray Bridge signer-set change proposed/executed USD0 uses a LayerZero OFT L1 adapter (0xE14C486b93C3B62F76F88cf8FE4B36fb672f3B26). A DVN configuration change on the LayerZero endpoint would qualify as a signer-set change under RD-F-103. However, the data cache returns dvn_configs = [] — the pipeline did not retrieve DVN configuration. Without DVN config, no baseline exists from which to detect changes, and the signal cannot be instrumented. No public report of DVN configuration changes for this adapter identified.
RD-F-106 gray Cross-chain bridge unverified mint pattern USD0 is a LayerZero OFT with L1 lock-and-mint to Arbitrum/Base/BNB Chain. A forged lzReceive message could mint unbacked USD0 on a destination chain if the receive-side DVN configuration is weak (e.g., a single required DVN, 1-of-1). TVL is almost entirely on Ethereum (100% per DefiLlama), suggesting L2 OFT mints are minimal in volume. Cross-chain bridge mint-without-proof monitoring requires live LayerZero event indexing — not implemented in current pipeline. DVN config also not verified (dvn_configs = []).
RD-F-107 gray Admin EOA signing from new geography/device Signal requires off-chain signing telemetry (geography/device fingerprint from admin EOA signing patterns). This is an M-tier curator-only signal requiring private feeds (MPC providers, session-key providers, or geographic IP analysis on signing node submissions). No public data source provides this for Usual's three Gnosis Safe multisig signers.
RD-F-108 gray GitHub force-push to sensitive branch Usual's primary contracts repository (usual-dao/pegasus) is PRIVATE on GitHub. Force-push or sensitive-branch push monitoring requires repository access — unavailable for private repos via public monitoring. The 6 public GitHub repos are all integration forks (DefiLlama, Pendle, KyberSwap) with no sensitive protocol core branches. Public-source monitoring of the primary contracts repo is impossible.
RD-F-110 n/a Unusual pending/executed proposal ratio Usual uses Snapshot-only governance. No on-chain governor contract exists, so there is no on-chain pending/executed proposal state to track a ratio against. Snapshot proposals have open/closed status but there is no on-chain pending queue that corresponds to the T-09 signal definition. Structurally not applicable.
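RD-F-103 and RD-F-106 both come down to the same missing artefact: a stored baseline of the adapter's receive-side ULN configuration, against which later reads can be diffed. The following is an added example, not Usual's, LayerZero's or the pipeline's code, of what that baseline and diff look like. It uses the field names of the LayerZero V2 UlnConfig struct (confirmations, required DVNs, optional DVNs, optional DVN threshold); the on-chain read itself (EndpointV2 getConfig with the ULN config type) is out of scope and the two configs below are constructed, as are the placeholder DVN addresses and the "known operator" list.

```python
# Added example (not Usual's or LayerZero's code): a baseline-and-diff check for
# the LayerZero V2 ULN (UlnConfig) fields a receive-side signer-set change shows up
# in. Addresses below are constructed placeholders, not real DVN operators.
import hashlib
import json

# Constructed allow-list of DVN operators the team says it uses (hypothetical).
KNOWN_DVNS = {
    "0x1111111111111111111111111111111111111111": "dvn-a",
    "0x2222222222222222222222222222222222222222": "dvn-b",
    "0x3333333333333333333333333333333333333333": "dvn-c",
}


def canonical(cfg: dict) -> dict:
    """Order-independent form of a UlnConfig so equivalent configs hash alike."""
    return {
        "confirmations": int(cfg["confirmations"]),
        "required_dvns": sorted(a.lower() for a in cfg["required_dvns"]),
        "optional_dvns": sorted(a.lower() for a in cfg["optional_dvns"]),
        "optional_dvn_threshold": int(cfg["optional_dvn_threshold"]),
    }


def config_digest(cfg: dict) -> str:
    """Stable fingerprint to store as the monitoring baseline (what dvn_configs should hold)."""
    return hashlib.sha256(json.dumps(canonical(cfg), sort_keys=True).encode()).hexdigest()


def weakening_findings(baseline: dict, current: dict, known=KNOWN_DVNS) -> list:
    """Return the ways `current` is weaker than `baseline`; an empty list means no weakening."""
    b, c = canonical(baseline), canonical(current)
    out = []
    if c["confirmations"] < b["confirmations"]:
        out.append(f"confirmations lowered {b['confirmations']}->{c['confirmations']}")
    removed = set(b["required_dvns"]) - set(c["required_dvns"])
    for dvn in sorted(removed):
        out.append(f"required DVN removed: {known.get(dvn, dvn)}")
    for dvn in sorted(set(c["required_dvns"]) | set(c["optional_dvns"])):
        if dvn not in known:
            out.append(f"unknown DVN introduced: {dvn}")
    if len(c["required_dvns"]) < len(b["required_dvns"]):
        out.append(f"required DVN count {len(b['required_dvns'])}->{len(c['required_dvns'])}")
    if len(c["required_dvns"]) <= 1 and c["optional_dvn_threshold"] == 0:
        out.append("single point of trust: at most one required DVN and no optional quorum")
    if c["optional_dvn_threshold"] < b["optional_dvn_threshold"]:
        out.append(f"optional threshold lowered {b['optional_dvn_threshold']}->{c['optional_dvn_threshold']}")
    return out


# Constructed baseline: two required DVNs, one optional with threshold 1, 15 confirmations.
BASELINE = {
    "confirmations": 15,
    "required_dvns": ["0x1111111111111111111111111111111111111111",
                      "0x2222222222222222222222222222222222222222"],
    "optional_dvns": ["0x3333333333333333333333333333333333333333"],
    "optional_dvn_threshold": 1,
}
# Constructed "current" read: one required DVN dropped, optional quorum replaced by an
# address nobody vetted and its threshold set to 0, i.e. the 1-of-1 case RD-F-106 warns about.
WEAKENED = {
    "confirmations": 15,
    "required_dvns": ["0x1111111111111111111111111111111111111111"],
    "optional_dvns": ["0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef"],
    "optional_dvn_threshold": 0,
}
```

Storing `config_digest(BASELINE)` per (adapter, source chain id) pair is enough to make a later read comparable; `weakening_findings` then turns a digest mismatch into the specific signer-set changes a reviewer needs to see, and reports nothing for a reordered-but-equivalent config.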
RD-F-090 green Mixer withdrawal → protocol interaction No public attribution of mixer-funded wallet interacting with Usual core contracts in trailing 30 days. Rekt.news database and DefiLlama hacks contain no Usual entries. Tornado Cash OFAC sanctions lifted 2025-03-21; sector-wide interaction volume has increased but no Usual-specific reports identified. Per U4 instruction: any attacker routing through USD0/Curve pools = F158 yellow classification, NOT team contamination.
RD-F-091 green Partial-drain test transactions No evidence of pre-drain test-transaction pattern targeting Usual contracts. TVL 90-day CoV = 0.029 (mean $109.3M, std $3.2M) — consistent with gradual organic decline, not partial-drain precursor. No Rekt database entries for Usual.
RD-F-092 green Unusual mempool pattern from deployer wallet Deployer wallet 0xAb175F3Ed4e9E021Fa491Ae12c7A08d85B27fEef holds 0.01 ETH residual — consistent with dormant post-launch deployer EOA. No unusual contract deploys or approval sequences observed in public Etherscan record for the deployer address.
RD-F-093 green Abnormal gas-price willingness from attacker wallet No elevated-gas transaction patterns targeting Usual contracts identified in public sources. Signal threshold (priority fee ≥5x EMA baseline from wallet targeting protocol) has no known breach in the assessment window.
RD-F-094 green New contract with similar bytecode to exploit template No freshly deployed contract with high bytecode similarity to a known-exploit template targeting Usual's DaoCollateral or SwapperEngine patterns identified. Usual's primary contracts repo is private (usual-dao/pegasus), reducing the pool of easy clone targets. Bytecode is on-chain and verified on Etherscan, but no exploitation-focused clone contracts identified in public sources.
RD-F-095 green Known-exploit function-selector replay No known-exploit replay template specifically targeting Usual's DaoCollateral, SwapperEngine, or bUSD0 function selectors has been publicly documented. The January 2025 depeg was an economic/governance failure, not a selector-based replay attack. No Rekt database entries for Usual.
RD-F-097 green Sybil surge of identical-pattern transactions No sybil-pattern transactions (multiple new EOAs submitting identical patterns) targeting Usual contracts identified in public sources. No reports of unusual account-clustering activity against USD0 minting in the assessment window.
RD-F-098 green TVL anomaly — % drop in <1h TVL stable at $104.77M (2026-05-16 pipeline). 30-day trend: -2.65% (gradual). 90-day CoV = 0.029 (mean $109.3M, std $3.2M) — well within normal fluctuation. The T-09 tier-A threshold (TVL_now / TVL_baseline_30d < 0.70 over 60-min window) is not breached: 30d baseline ~$107.6M; current ratio ~0.973. Signal would NOT fire today.
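RD-F-084 and RD-F-098 use two different views of the same TVL series: a trailing 90-day coefficient of variation, which by construction cannot see a collapse that happened before the window opened, and the T-09 tier-A rule comparing the last hour against a 30-day baseline. The following is an added example, not the pipeline's code, that computes both on constructed series shaped like the numbers on this page (a run-up to a ~$1.87B peak, a ~94% collapse, a ~$105M plateau; hourly samples near $107.6M). Function names and the synthetic data are assumptions made here.

```python
# Added example (not Usual's or the pipeline's code): shows why the trailing
# 90-day CoV used by RD-F-084 can read "stable" after a lifecycle collapse, and
# evaluates the T-09 tier-A drop rule quoted in RD-F-098 on an hourly series.
# Both series are constructed to resemble the numbers on this page, not real data.
import math
import statistics


def cov(series):
    """Coefficient of variation: population std / mean."""
    mean = statistics.fmean(series)
    return statistics.pstdev(series) / mean


def max_drawdown(series):
    """Largest peak-to-trough fall, as a fraction of the running peak."""
    peak, worst = series[0], 0.0
    for v in series:
        peak = max(peak, v)
        worst = max(worst, 1.0 - v / peak)
    return worst


def drop_alert(hourly, baseline_points=24 * 30, window_points=1, ratio=0.70):
    """T-09 rule: min TVL over the last `window_points` samples vs. the mean of the
    `baseline_points` before them; returns (fired, observed_ratio)."""
    if len(hourly) < baseline_points + window_points:
        raise ValueError("not enough samples for the baseline")
    window = hourly[-window_points:]
    baseline = hourly[-(baseline_points + window_points):-window_points]
    r = min(window) / statistics.fmean(baseline)
    return r < ratio, r


def synthetic_daily_tvl():
    """~510 daily points: run-up to a ~1.87B peak, a 10-day collapse, then a ~105M plateau."""
    out = []
    for d in range(200):                       # run-up
        out.append(1.0e9 + 0.87e9 * d / 199)
    for d in range(10):                        # collapse
        out.append(1.87e9 - (1.87e9 - 1.05e8) * (d + 1) / 10)
    for d in range(300):                       # plateau with a small wobble
        out.append(1.05e8 * (1 + 0.02 * math.sin(d / 7)))
    return out


def synthetic_hourly_tvl(last_value):
    """30 days of hourly samples near 107.6M, then one sample at `last_value`."""
    base = [1.076e8 * (1 + 0.005 * math.sin(h / 11)) for h in range(24 * 30)]
    return base + [last_value]
```

On the daily series `cov(daily[-90:])` is a few percent while `max_drawdown(daily)` is above 0.9, which is the blind spot RD-F-084 compensates for by scoring yellow despite a low CoV; on the hourly series a last sample of 104.77M gives a ratio near 0.97 and no alert, and a sudden sample at 60M trips the 0.70 rule.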
RD-F-099 green Oracle price deviation >X% from secondary USD0 trades at $0.9981 (CoinGecko 2026-05-17), confirming oracle reads are functioning normally for the primary stablecoin. Chainlink USDC/USD heartbeat is 82800s and USDT/USD is 86400s — the longest-heartbeat feeds in the stack, creating staleness windows relevant to a stablecoin collateral protocol. No oracle deviation events reported in public sources. This is a T-09 phase-2 signal not yet instrumented; green reflects current peg status, not live oracle monitoring.
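The heartbeat figures above define the staleness window a consumer of these feeds has to guard against, and RD-F-140 records a Sherlock HIGH for a stale-oracle read in UsualOracle, so the check itself is worth spelling out. The following is an added example, not Usual's code, of the validation a Chainlink AggregatorV3 `latestRoundData` consumer should apply (staleness against heartbeat plus a grace period, incomplete-round and carried-over-answer detection) and a cross-feed deviation check in basis points. The heartbeats are the values quoted in RD-F-099; the round tuples, timestamps and the 200 bps limit are constructed.

```python
# Added example (not Usual's code): the staleness and cross-feed deviation checks a
# consumer of Chainlink AggregatorV3 `latestRoundData` should apply before trusting
# a stablecoin collateral price. Heartbeats are the values quoted on this page; the
# round tuples are constructed samples.
from dataclasses import dataclass

HEARTBEAT_S = {"USDC/USD": 82800, "USDT/USD": 86400}   # from RD-F-099


@dataclass(frozen=True)
class Round:
    """Shape of AggregatorV3Interface.latestRoundData()."""
    round_id: int
    answer: int          # 8-decimal price
    started_at: int
    updated_at: int
    answered_in_round: int


def validate_round(r: Round, now: int, heartbeat: int, grace: int = 900) -> list:
    """Return the reasons to reject `r`; an empty list means the read is usable.
    `grace` absorbs normal update jitter after the heartbeat deadline."""
    problems = []
    if r.answer <= 0:
        problems.append("non-positive answer")
    if r.updated_at == 0:
        problems.append("round not complete (updatedAt == 0)")
    elif now - r.updated_at > heartbeat + grace:
        problems.append(f"stale: {now - r.updated_at}s since update > {heartbeat + grace}s")
    if r.answered_in_round < r.round_id:
        problems.append("answer carried over from an earlier round")
    if r.updated_at > now:
        problems.append("updatedAt in the future")
    return problems


def deviation_bps(primary: int, secondary: int) -> int:
    """Absolute deviation of `primary` from `secondary`, in basis points."""
    return abs(primary - secondary) * 10_000 // secondary


def price_ok(primary: Round, secondary: Round, now: int, heartbeat: int, max_bps: int = 200) -> dict:
    """Combined guard: both feeds fresh and within `max_bps` of each other."""
    reasons = [f"primary: {p}" for p in validate_round(primary, now, heartbeat)]
    reasons += [f"secondary: {p}" for p in validate_round(secondary, now, heartbeat)]
    if not reasons:
        dev = deviation_bps(primary.answer, secondary.answer)
        if dev > max_bps:
            reasons.append(f"deviation {dev} bps > {max_bps} bps")
    return {"ok": not reasons, "reasons": reasons}


# Constructed samples around a fixed "now": a fresh read at $0.9981, a read last
# updated 25 hours ago (past the 82800s heartbeat plus grace), and a $0.9636 read.
NOW = 1_800_000_000
FRESH = Round(round_id=10, answer=99_981_000, started_at=NOW - 600, updated_at=NOW - 600, answered_in_round=10)
STALE = Round(round_id=10, answer=100_000_000, started_at=NOW - 90_000, updated_at=NOW - 90_000, answered_in_round=10)
DEPEGGED = Round(round_id=11, answer=96_360_000, started_at=NOW - 60, updated_at=NOW - 60, answered_in_round=11)
```

A staleness rejection should fall back to a secondary source or halt the price-sensitive path rather than reuse the last answer; the deviation limit belongs in the same guard because a fresh but divergent read (the $0.9636 bUSD0 print in RD-F-104 against a par assumption) is the case a heartbeat check alone does not catch.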
RD-F-100 green Flash loan >$10M targeting protocol tokens No large flash loans (≥$10M) targeting Usual core contracts (DaoCollateral, SwapperEngine, bUSD0) identified in the assessment window. Snapshot-only governance limits flash-loan governance attack surface (no on-chain governor where flash-loaned votes could be cast). T-09 phase-2 signal not yet instrumented. Green reflects absence of known threat indicators.
RD-F-102 green Admin/upgrade transaction in mempool Three Gnosis Safe multisigs (8/15, 6/11, 3/7) hold admin roles. No unusual admin transactions reported in public sources in the trailing 30 days. T-09 phase-2 signal not yet instrumented. Safe multi-sig execution requires aggregated signatures from multiple signers, reducing the mempool-observable pre-confirmation window compared to single-EOA admin. Green reflects absence of known admin-tx anomalies.
RD-F-105 green DNS/CDN/frontend hash drift No frontend anomaly (DNS change, TLS cert drift, JS bundle hash drift) reported in public sources for usual.money, docs.usual.money, or tech.usual.money in the assessment window. T-09 phase-2 signal not yet instrumented. Green reflects absence of known frontend-integrity reports. Protocol brand profile warrants future instrumentation.
RD-F-109 green Social-media impersonation scam spike No active impersonation campaign (fake airdrops, fake team accounts) identified in public sources for Usual Money in the assessment window. Historical context: USUAL token airdrop campaign ran in late 2024 — a common trigger for scam spikes — but no active campaigns found at time of assessment. Protocol brand ($104.77M TVL, $1.87B 12-month peak) creates ongoing impersonation risk; this factor should be re-evaluated episodically.
RD-F-182 green Security-Council threshold reduction (RT) RD-F-182 (batch-24, Cat 6B): Security-Council threshold reduction event RT signal. Usual has three Gnosis Safe multisigs acting as the functional Security Council: Collateral 8/15, Yield 6/11, Longterm 3/7. No threshold reduction events detected on any of the three Safes in public record (no ChangedThreshold or RemovedOwner events reported). No new-signer additions (AddedOwner) combined with threshold reduction identified. Note: no on-chain timelock exists (permanently absent since launch), so the 'timelock removal' sub-pattern of RD-F-182 is structurally inapplicable — a separate Cat 2 concern. Green reflects current posture: no threshold reduction detected.
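The patterns RD-F-182 looks for (a threshold reduction, and a signer addition followed by a threshold reduction) can be evaluated by replaying the Safe's owner-management events against a starting snapshot. The following is an added example, not Usual's or Safe's code, that does this for already-decoded events. The event names (AddedOwner, RemovedOwner, ChangedThreshold) are the real Safe OwnerManager events; the 3-of-7 owner set, block numbers, the ~1-day linking window and the event sequence are constructed, and the snapshot must come from getOwners()/getThreshold() because Safe's setup() emits no owner events.

```python
# Added example (not Usual's code): replays decoded Safe OwnerManager events
# (AddedOwner, RemovedOwner, ChangedThreshold) from a snapshot of getOwners()/
# getThreshold() and reports the weakening patterns RD-F-182 looks for. Owners,
# blocks and the event list are constructed; the Safe event names are real.
from dataclasses import dataclass, field


@dataclass
class SafeState:
    owners: set
    threshold: int
    alerts: list = field(default_factory=list)   # (block, message) pairs
    last_add_block: int = -1

    def quorum_fraction(self) -> float:
        return self.threshold / len(self.owners)


def replay(snapshot_owners, snapshot_threshold, events, link_window_blocks=7200):
    """`events`: dicts with keys block, event, args, as a log decoder would emit them.
    Safe does not emit owner events from setup(), so the baseline must be a snapshot."""
    st = SafeState(set(a.lower() for a in snapshot_owners), snapshot_threshold)
    baseline_fraction = st.quorum_fraction()
    for ev in sorted(events, key=lambda e: e["block"]):
        name, args, blk = ev["event"], ev["args"], ev["block"]
        if name == "AddedOwner":
            st.owners.add(args["owner"].lower())
            st.last_add_block = blk
            st.alerts.append((blk, f"new signer {args['owner']}"))
        elif name == "RemovedOwner":
            st.owners.discard(args["owner"].lower())
            st.alerts.append((blk, f"signer removed {args['owner']}"))
        elif name == "ChangedThreshold":
            new = int(args["threshold"])
            if new < st.threshold:
                st.alerts.append((blk, f"threshold reduced {st.threshold}->{new}"))
                if 0 <= blk - st.last_add_block <= link_window_blocks:
                    st.alerts.append((blk, "threshold reduced shortly after a signer addition"))
            st.threshold = new
        # Safe enforces 1 <= threshold <= ownerCount; a violation here means the decoder
        # dropped an event or the snapshot was taken at the wrong block.
        if not 1 <= st.threshold <= len(st.owners):
            raise ValueError(f"inconsistent replay at block {blk}")
    if st.quorum_fraction() < baseline_fraction:
        st.alerts.append((None, f"quorum fraction fell {baseline_fraction:.2f}->{st.quorum_fraction():.2f}"))
    return st


# Constructed 3-of-7 Safe and a constructed event sequence: one signer added, then the
# threshold lowered to 2 about 300 blocks (~1 hour) later.
OWNERS = [f"0x{i:040x}" for i in range(1, 8)]
EVENTS = [
    {"block": 22_000_000, "event": "AddedOwner", "args": {"owner": f"0x{8:040x}"}},
    {"block": 22_000_300, "event": "ChangedThreshold", "args": {"threshold": 2}},
]
```

Run against the three Safes named above, the interesting output is not the individual events but the final quorum fraction versus the snapshot and any "reduced shortly after addition" pairing, which is the sequence an attacker who has captured one signer and persuaded the others to "add a backup key" would produce.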
Dev identity & insider risk Green 8 16 of 16
RD-F-117 yellow ENS/NameStone identity bound to deployer No ENS name is directly bound to deployer EOA `0xab175f3ed4e9e021fa491ae12c7a08d85b27feef`. The Gnosis Safe that funded the deployer (0x34DC124e0ea6e0cdac7605ec3c5153dca17b6ba1) was created by moul.eth — establishing an ENS-associated entity 2 hops from the deployer, but no direct ENS binding on the deployer itself. Factor definition requires ENS bound to the deployer address; partial credit via 2-hop association but not directly satisfied. Yellow rather than red because the indirect ENS association via moul.eth implies a real-identity anchor at 2-hop; yellow rather than green because the direct deployer has no ENS.
RD-F-121 yellow Contributor OSINT depth score Co-founders score 4–5/5 on OSINT depth (Wikipedia, LinkedIn, conference speaker credits, podcast appearances, parliamentary record, Crunchbase). However, developer-level contributors below leadership score approximately 1/5 (private repo, no public GitHub membership beyond @au2001). The composite OSINT depth is strong at leadership level but thin at the developer-contributor level — a meaningful gap for a protocol where the core code is private. This asymmetry warrants yellow rather than green.
RD-F-123 yellow Sudden admin-rescue/ACL change without discussion [★ CRITICAL FACTOR] On 2025-01-09, Usual Labs executed an on-chain admin update using the `FLOOR_PRICE_UPDATER_ROLE` permissioned role in the bUSD0/USD0++ contract, introducing an $0.87 floor price for unconditional early exits. This was done WITHOUT a prior DAO Snapshot vote or public governance forum discussion. The change was executed on-chain via admin role authority, with no timelock delay (no on-chain timelock exists per profile §6 and data cache governance.timelock_address: null). The team notified Gauntlet and Morpho Labs via Telegram on the day of implementation. The Usual blog published 'A new dawn for USD0++: Road to Parity' on 2025-01-23 acknowledged communication gaps and proposed a future veto-based governance model for subsequent changes. This is a governance-process bypass: unilateral admin execution at a $1.87B TVL stablecoin without prior DAO vote, using an on-chain permissioned role with no governance delay. The change was publicly disclosed post-hoc (not concealed).
RD-F-116 gray Contributor tenure at admin-permissioned PR Main contracts repository ('pegasus') is PRIVATE under `usual-dao` GitHub org. No contributor list accessible (6 public repos are all integration forks). Only publicly visible GitHub org member is @au2001. Contributor tenure for admin-permissioned code changes is not assessable from OSINT. Cannot determine GitHub contributor tenure at time of last admin-permissioned PR.
RD-F-119 gray Commit timezone consistent with stated geography Main contracts repository ('pegasus') is PRIVATE under usual-dao GitHub org. No commit history accessible. The 6 public repos are integration forks where commit patterns reflect upstream fork contributors, not Usual Labs developers. Team is stated to be France-based (Paris, French incorporation per press releases). Cannot compute timezone-consistency analysis without access to the private repo commit history.
RD-F-122 gray Contributor paid to DPRK-cluster wallet Cannot assess contributor payment routing to known DPRK cluster. Main contracts repo is private; developer payroll for Usual Labs is presumably off-chain (French-incorporated company with VC-backed payroll structure). Deployer wallet funding chain traces to a protocol-associated Gnosis Safe with no DPRK proximity (see RD-F-125). On-chain payment streams to individual engineering contributors not visible from OSINT.
RD-F-184 gray Real-capital social-engineering persona No curator-flagged evidence of a 'team contributor' or 'external integrator' persona deploying ≥$1M of real capital to Usual or peer protocols to build credibility ahead of a social-engineering attack. The Drift Protocol UNC4736 comparator (6-month in-person persona build-up with real capital) has no identified analogue in Usual's contributor set. Team is substantially doxxed (former MP and named fintech founders), reducing surface area for anonymous persona attacks. Gray per process-learnings standard — absence of this pattern is not independently provable via OSINT; requires curator positive identification to score non-gray.
RD-F-111 green Team doxx status Team is fully doxxed at co-founder level. Pierre Person: former French National Assembly member (6th Paris constituency 2017–2022), real-name identity confirmed by Wikipedia and parliamentary records, conference speaker (NFT Paris, Next Block Expo). Adli Takkal Bataille: real name, 10+ year public crypto presence as Cercle du Coin association leader (8+ years), Ø Crypto Union partner, Bitcoin OG since 2012. Hugo Sallé de Chou: real name, co-founder of Pumpkin fintech (P2P payments, CMA acquisition 2017), Paris Fintech Forum 2017 speaker, EDHEC Business School. Developer team below leadership is pseudonymous (main pegasus repo private; only @au2001 publicly visible in usual-dao GitHub org).
RD-F-112 green Team public accountability surface All three co-founders have verifiable, multi-platform public accountability trails. Pierre Person: Wikipedia, LinkedIn, IQ.wiki, CoinDesk press coverage, speaker at NFT Paris and Next Block Expo, prior 5-year parliamentary record. Adli Takkal Bataille: Spotify podcast, YouTube interviews, Crunchbase, Le Cercle du Coin. Hugo Sallé de Chou: LinkedIn, Crunchbase, Paris Fintech Forum, RocketReach. Developer-level contributors below leadership: no public GitHub membership visible (private repo) — accountability surface is thin for the engineering team.
RD-F-113 green Team other-protocol involvement history No prior rugged or exit-scam protocol involvement found for any named co-founder. Pierre Person: 5-year political career (2017–2022 French MP), then Usual Labs. Adli Takkal Bataille: Cercle du Coin (long-running Bitcoin advocacy association, not a protocol), Ø Crypto Union. Hugo Sallé de Chou: Pumpkin (legitimate P2P fintech, acquired by CMA 2017), 4 other fintech companies. The January 2025 USD0++ floor-price event involved a governance-process bypass but NOT a rug (collateral backing maintained; USD0 peg restored; no funds stolen). No REKT news entries for Usual Labs protocol team. No hacksdatabase entries for usual protocol.
RD-F-114 green Deployer address prior on-chain history Deployer EOA `0xab175f3ed4e9e021fa491ae12c7a08d85b27feef` first transacted 2024-05-23 (block 19932960), the same date as the first Usual protocol contract deploy (Registry Contract). All deployed contracts on this address are Usual protocol contracts: USD0, bUSD0/USD0++, DaoCollateral, YieldModule, DistributionModule, SwapperEngine, ClassicalOracle, TokenMapping, RegistryContract, and associated TransparentUpgradeableProxy instances. No contracts from prior unrelated projects or rug-associated deployments found. Consistent with a clean, purpose-built deployment EOA.
RD-F-115 green Prior rug/exit-scam affiliation No evidence of any co-founder being linked via verified OSINT to a prior rugged or exit-scam-labeled protocol. ChainArgos November 2024 case study ('USD as Usual?') examined MiCA regulatory compliance questions — not fraud allegations or deployer misconduct. Rekt.news search: no Usual Labs entry in rekt.news incident database. Data cache `rekt.incidents: []`. The Jan 2025 USD0++ event is documented as an economic-design + governance-process failure in which collateral backing was maintained and no funds were stolen — this does NOT meet the rug/exit-scam threshold.
RD-F-118 green Handle reuse across failed/rugged projects No evidence of handle reuse across failed or rugged projects for Pierre Person, Adli Takkal Bataille, or Hugo Sallé de Chou. Pierre Person operates under his real legal name with a fully traceable political career identity. Adli Takkal Bataille's crypto presence (Cercle du Coin, @adli_btc-style handles) is consistent across platforms with no prior abandoned-alias pattern. Hugo Sallé de Chou's professional identity is consistent from Pumpkin fintech through Usual Labs. No alias-switching pattern found.
RD-F-120 green Video-off/voice-consistency flag No video-off or voice-consistency concerns identified. Pierre Person has given on-camera video interviews and appeared at live conferences including NFT Paris and Next Block Expo. Adli Takkal Bataille has participated in video podcasts (YouTube appearance as Usual Labs DEO). Hugo Sallé de Chou has a professional LinkedIn profile with photo and prior conference speaker history. No documented instance of video-off refusal, geographic inconsistency, or voice-consistency concerns in any OSINT-accessible interview.
RD-F-124 green Deployer wallet mixer-funded within 30 days [★ CRITICAL FACTOR] Deployer `0xab175f3ed4e9e021fa491ae12c7a08d85b27feef` was funded on 2024-05-23 (same date as first contract deploy) from intermediate routing wallet `0xcf863644c7885ccdd2a2924c5333aa264f510d60`, which itself was funded from Gnosis Safe `0x34DC124e0ea6e0cdac7605ec3c5153dca17b6ba1` (moul.eth-created, holds USD0/USUAL/USUALx protocol tokens — protocol-internal Safe). No Tornado Cash, Railgun, or other mixer interactions found on Etherscan for deployer or its 2-hop funding parents. Funding chain is clean and internal. 30-day pre-deploy window is clean.
RD-F-125 green Deployer linked within 3 hops to DPRK/Lazarus [★ CRITICAL FACTOR] 3-hop funding chain for deployer: Gnosis Safe (moul.eth-created, holds USD0/USUAL) → intermediate routing wallet (4 txs) → deployer EOA. No OFAC SDN hits on any address in this chain. No Lazarus/DPRK cluster labels found on any address per Etherscan and web search. Team is substantially doxxed (former French MP, named fintech founders) with no DPRK/OFAC proximity found in any web search or press coverage. Jan 2025 USD0++ floor-price event is a governance-conduct issue, NOT a DPRK/nation-state incident. USD0 usage as a drain venue by unrelated hackers does NOT constitute team DPRK linkage per rubric.
Fork / dependency lineage Green 0 10 of 10
RD-F-126 n/a Is-a-fork-of Usual is an original design — not a fork of any upstream DeFi protocol. Confirmed by profile §5 and GitHub org inspection (6 public repos are all integration forks, not protocol forks).
RD-F-127 n/a Upstream patch not merged Not a fork. No upstream to publish patches from.
RD-F-128 n/a Upstream vulnerability disclosure (last 90d) Not a fork. No upstream vulnerability disclosure applicable.
RD-F-129 n/a Code divergence from upstream (%) Not a fork. No upstream to measure code divergence from.
RD-F-130 n/a Fork depth (generations from original audit) Not a fork. Fork depth = 0 hops (original design).
RD-F-131 n/a Fork retains upstream audit coverage Not a fork. Full independent audit program conducted (7 firms, 20+ engagements). Upstream audit coverage concept is inapplicable.
RD-F-132 n/a Fork has different economic parameters than upstream Not a fork. No upstream audited-defaults to diverge from.
RD-F-133 gray Dependency manifest uses unpinned versions Cannot verify dependency pinning. Private 'pegasus' repo means foundry.toml and package.json are inaccessible. OZ Upgradeable and LayerZero V2 are confirmed dependencies but pinned version and semver-range cannot be confirmed.
RD-F-134 green Dependency had malicious-release incident (last 90d) No malicious release incident reported for OpenZeppelin npm packages or LayerZero V2 in trailing 90 days (2026-02-17 to 2026-05-17). No security advisory found for either dependency in this window.
RD-F-135 green Shared-library version with known-vuln status Solidity 0.8.20 (core contracts) and 0.8.22 (L1OFTAdapter): both versions have no known current CVE. The TransientStorageClearingHelperCollision high-severity bug affects 0.8.28–0.8.33 only — not applicable. OZ Upgradeable contracts version used has no current advisory.
Post-deploy hygiene & change mgmt Yellow 21 13 of 13
RD-F-185 red Bridge rate-limiter / chain-pause as positive mitigant No rate-limiter documented for USD0 LayerZero OFT adapter (0xE14C486...). Usual tech docs do not describe a per-window outflow cap on cross-chain OFT transfers. Ethereum mainnet has no chain-level pause capability. No positive mitigant identified for cross-chain bridge outflows. Red — absence of mitigant.
RD-F-137 yellow Upgrade frequency (per 90 days) bUSD0 proxy: 9 Upgraded events since June 2024 — ~3 per 90 days at peak. DaoCollateral upgraded Dec 2024, SwapperEngine upgraded Dec 2024. High historical frequency; appears to have slowed in 2026 (last bUSD0 upgrade 2025-12-10). Yellow for high historical frequency.
RD-F-143 yellow Reinitializable implementation (no _disableInitializers) DaoCollateral impl (0x0eEc861D...): _disableInitializers() called in constructor — CONFIRMED. bUSD0 impl (0x9F2BD21...): proxy state is initialized through an initializeV3() versioned reinitializer. USD0 impl: initializeV2(), same pattern. A reinitializer(n) guard only prevents version n from running twice on the proxy; it does not stop a later implementation from shipping a new, higher-versioned init path, and it is independent of the constructor-level _disableInitializers() that protects the implementation contract itself (assessed under RD-F-023). Each upgrade therefore needs its own check that every init function on the new implementation is either already consumed (version ≤ the proxy's current _initialized value) or access-restricted, and that any pending reinitializer is invoked in the same transaction as the upgrade. Yellow — controls present but not fully deterministic across all upgrade versions.
RD-F-136 gray Deployed bytecode matches signed release tag Cannot verify: GitHub main repo (usual-dao/pegasus) is PRIVATE. No signed release tags available publicly. Bytecode on-chain and Etherscan-verified, but commit-to-bytecode correspondence cannot be independently confirmed.
RD-F-140 gray Fix-merged-but-not-deployed gap Cannot assess: private GitHub repo prevents diff analysis. Sherlock 2025-02 judging found HIGH finding (stale oracle in UsualOracle). Resolution and deployment status cannot be verified without source access.
RD-F-142 gray Storage-layout collision risk across upgrades bUSD0 has 9 upgrades. OZ upgrades plugin storage-layout collision analysis requires source access. Private GitHub repo prevents assessment. Versioned initializers (V2, V3) suggest careful versioning but each upgrade introduces collision risk without access to storage layout declarations.
RD-F-145 gray Deployed bytecode reproducibility Cannot verify: private GitHub repo (usual-dao/pegasus) prevents public build reproduction. Source is Etherscan-verified but independent reproducibility from a public commit + declared toolchain cannot be confirmed.
RD-F-168 gray Stale-approval exposure on deprecated router bUSD0 design changed substantially (floor price Jan 2025, burn redemption Jul 2025) but proxy address is stable (0x35D89...). No formal router deprecation in the traditional sense — the proxy is maintained in place. Allowance scan not performed (pipeline gap). Cannot confirm or deny stale approvals.
RD-F-138 green Hot-patch deploys without timelock (last 30 days) No upgrades identified in the 30 days prior to assessment (2026-04-17 to 2026-05-17). Last bUSD0 upgrade: 2025-12-10 (~5 months ago). While no timelock exists (making any upgrade technically a hot-patch by definition), no hot-patch event has occurred in the last 30 days.
RD-F-139 green Post-audit code changes without re-audit All identified upgrades have corresponding audit engagements. bUSD0 upgrades (Mar/Jul/Nov 2025) covered by Sherlock + Spearbit + Halborn. DaoCollateral Dec 2024 pre-covered by Cantina Oct + Halborn Nov 2024. Revenue Switch (Jan 2025) covered by Spearbit Jan 2025. ETH0 (May 2025) by Hexens/Halborn/Sherlock. No unaudited upgrade gaps identified. Private repo = SHA verification gap; confidence medium.
RD-F-141 green Test-mode parameters in deploy No test-mode parameters found. Admin is not deployer EOA. Contracts use production-grade Chainlink mainnet oracle feeds. RegistryAccess uses AccessControlDefaultAdminRulesUpgradeable in production config. No mock or test labels in deployed source names.
RD-F-144 green CREATE2 factory permits same-address redeploy No CREATE2 factory pattern identified in Usual's deployment architecture. All contracts use standard TransparentUpgradeableProxy with standard deployment transactions. Safe itself uses Proxy Factory 1.3.0 (standard OZ Safe factory), not a Usual-specific CREATE2 factory.
RD-F-146 green New contract deploys in last 30 days No new contract deployments identified for Usual protocol in the 30 days prior to assessment (2026-04-17 to 2026-05-17). Protocol appears in stabilization phase. Last upgrade: bUSD0 2025-12-10 (~5 months ago).
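The three cadence factors above (RD-F-137 peak upgrades per 90 days, RD-F-138 hot-patch in the last 30 days, RD-F-146 days since last deploy) reduce to one sliding-window computation over Upgraded event timestamps. The following is an added example of that computation, not tooling from the assessment pipeline or from Usual. The list of nine dates is a constructed fixture: only the last entry (2025-12-10) and the assessment date (2026-05-17) come from the page; the yellow threshold of three per window is an assumption.

```python
"""Upgrade-cadence checks behind the 90-day frequency and 30-day hot-patch factors."""
from datetime import date
from typing import Dict, List, Union

AS_OF = date(2026, 5, 17)  # assessment date used on this page

# Constructed fixture: only the last date (2025-12-10) is taken from the page;
# the earlier eight are placeholders standing in for the nine Upgraded events.
BUSD0_UPGRADES = [
    date(2024, 6, 15), date(2024, 7, 20), date(2024, 8, 28), date(2024, 12, 10),
    date(2025, 1, 10), date(2025, 3, 20), date(2025, 7, 15), date(2025, 11, 5),
    date(2025, 12, 10),
]


def peak_per_window(dates: List[date], window_days: int = 90) -> int:
    """Largest number of upgrades falling inside any window of window_days.

    Two-pointer sweep over the sorted dates: j trails i and is advanced until
    ds[i] - ds[j] is strictly inside the window, so dates exactly window_days
    apart are counted in different windows.
    """
    ds = sorted(dates)
    best, j = 0, 0
    for i in range(len(ds)):
        while (ds[i] - ds[j]).days >= window_days:
            j += 1
        best = max(best, i - j + 1)
    return best


def grade_cadence(dates: List[date], as_of: date = AS_OF, window_days: int = 90,
                  hot_patch_days: int = 30, yellow_at: int = 3) -> Dict[str, Union[int, bool, str]]:
    """Return the raw numbers plus the flags the three factors read off them."""
    quiet_days = (as_of - max(dates)).days
    peak = peak_per_window(dates, window_days)
    recent = [d for d in dates if 0 <= (as_of - d).days < hot_patch_days]
    return {
        "peak_per_window": peak,
        "days_since_last": quiet_days,
        "hot_patch_in_window": bool(recent),          # F138 / F146: any event in the trailing window
        "frequency_grade": "yellow" if peak >= yellow_at else "green",  # F137 threshold is an assumption
    }


if __name__ == "__main__":
    print(grade_cadence(BUSD0_UPGRADES))
```

For a real run, replace the fixture with the block timestamps of the proxy's Upgraded(address) events (for example from an Etherscan event export); the grading logic is unchanged.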
Cross-chain & bridge Green 14 12 of 12
RD-F-148 yellow Bridge validator count (M) DVN count for USD0 LayerZero OFT unknown — dvn_configs: [] in data cache; no public Usual disclosure. For USUAL CCIP, Chainlink DON uses multiple validators by protocol design. Dominant concern is LZ OFT (higher TVL exposure via L1 lock). Yellow pending DVN config on-chain verification.
RD-F-149 yellow Bridge validator threshold (k-of-M) DVN threshold for USD0 LZ OFT unknown. LayerZero OFT Quickstart default shows single required DVN (LZ Labs) with no optional DVNs — threshold of 1. 47% of active OApps at KelpDAO incident time used 1/1 configuration. Usual has not published its configuration. If actual threshold is 1, this should be red. Scored yellow due to unconfirmed status. CCIP threshold (DON consensus) is multi-validator.
RD-F-179 yellow LayerZero OFT DVN config (count, threshold, diversity) DVN configuration for USD0 OFT unconfirmed — HIGH RISK FLAG. Data cache returned dvn_configs: [] (pipeline gap). LayerZero's OFT Quickstart default shows a single required DVN (LayerZero Labs) with no optional DVNs — the 1/1 pattern. At the time of the KelpDAO $292M incident (Apr 2026), 47% of active LZ OApps used 1/1 DVN (CoinDesk). Usual has not published its DVN configuration in docs or blog. Paladin Oct 2024 audit covered the OFT adapter but report is not publicly accessible for DVN config review. Scored YELLOW (not red) because 1/1 is unconfirmed — DVN config may have been hardened, but absence of disclosure prevents GREEN. Curator action required: on-chain cast call to ReceiveUln302.getConfig() for each remote EID (30110 Arbitrum, 30184 Base, 30102 BNB). The inbound-to-Ethereum pathways are the ones that release the L1 lock, so the receive library to query is the one configured for the L1OFTAdapter on Ethereum. If returned requiredDVNCount=1 and optionalDVNThreshold=0 for any pathway, upgrade to RED.
RD-F-150 gray Bridge validator co-hosting DVN identity for USD0 LZ OFT unknown (dvn_addresses: []). Cannot assess co-hosting without knowing which DVN operators are configured. For CCIP, Chainlink DON nodes are geographically distributed by Chainlink's operational standards. LZ path assessment blocked by pipeline gap.
RD-F-154 n/a Default bytes32(0) acceptable as valid root L1OFTAdapter does not implement a Merkle-root inbox. No root storage variable, no confirmAt, no acceptableRoot pattern. This is a LayerZero OFT using DVN/ULN verification, not a Merkle-proof-based bridge. The Nomad-class vulnerability (bytes32(0) as valid root) requires root-storage architecture that Usual's OFT does not have.
RD-F-155 gray Bridge validator-set rotation recency DVN identity unknown (dvn_addresses: []). Cannot assess validator set rotation without knowing which DVN operators are configured. For CCIP, Chainlink DON rotation is managed by Chainlink Labs and not protocol-visible. Assessment blocked by DVN config gap.
RD-F-156 gray Bridge uses same key custody for >30% validators DVN key custody cannot be assessed without knowing DVN operator identities (dvn_addresses: []). If LZ Labs is the sole DVN, >30% threshold is trivially met by one operator. Assessment blocked by DVN config gap.
RD-F-157 gray Bridge TVL per validator ratio Bridge TVL per DVN ratio cannot be computed: DVN count unknown (dvn_configs: []) and L2 USD0 OFT TVL not separately tracked by DefiLlama (100% of $104.77M reported on Ethereum). Assessment blocked by two gaps: DVN count and L2 TVL breakdown.
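Worked example for the curator action in RD-F-179, added here and not code from Usual or LayerZero. It hand-decodes the ABI return data of a UlnConfig as `getUlnConfig(address oapp, uint32 remoteEid)` returns it on the LayerZero V2 receive library (that method name and the struct layout `(uint64 confirmations, uint8 requiredDVNCount, uint8 optionalDVNCount, uint8 optionalDVNThreshold, address[] requiredDVNs, address[] optionalDVNs)` are assumptions about the V2 ABI; the raw `getConfig(eid, oapp, configType)` variant returns the same encoding wrapped in an outer `bytes` head that must be stripped first), then applies the page's RED rule generalised to any configuration in which a single verifier suffices, and additionally flags duplicate DVN addresses. The two fixtures are constructed, and the DVN addresses in them are placeholders, not real operators.

```python
"""Decode a LayerZero V2 UlnConfig return blob and grade the DVN pathway (offline)."""
from dataclasses import dataclass, field
from typing import List, Tuple

WORD = 32


@dataclass
class UlnConfig:
    confirmations: int
    required_dvn_count: int
    optional_dvn_count: int
    optional_dvn_threshold: int
    required_dvns: List[str] = field(default_factory=list)
    optional_dvns: List[str] = field(default_factory=list)


def _word(buf: bytes, idx: int) -> int:
    """Read the idx-th 32-byte word of buf as an unsigned integer."""
    return int.from_bytes(buf[idx * WORD:(idx + 1) * WORD], "big")


def _address_array(buf: bytes, offset: int) -> List[str]:
    """Decode an address[] whose length word starts at byte offset."""
    length = int.from_bytes(buf[offset:offset + WORD], "big")
    out = []
    for k in range(length):
        start = offset + WORD * (1 + k)
        out.append("0x" + buf[start + 12:start + WORD].hex())  # address is the low 20 bytes
    return out


def decode_uln_config(ret: bytes) -> UlnConfig:
    """Decode the return data of a call that returns one UlnConfig.

    A struct with dynamic members is a dynamic tuple: the first word is the
    offset of the tuple, and the two address[] offsets inside the tuple are
    relative to the tuple start, not to the start of the return data.
    """
    t = ret[_word(ret, 0):]
    return UlnConfig(
        confirmations=_word(t, 0),
        required_dvn_count=_word(t, 1),
        optional_dvn_count=_word(t, 2),
        optional_dvn_threshold=_word(t, 3),
        required_dvns=_address_array(t, _word(t, 4)),
        optional_dvns=_address_array(t, _word(t, 5)),
    )


def encode_uln_config(cfg: UlnConfig) -> bytes:
    """Inverse of decode_uln_config; used here only to build offline fixtures."""
    def u(n: int) -> bytes:
        return n.to_bytes(WORD, "big")

    def arr(addrs: List[str]) -> bytes:
        return u(len(addrs)) + b"".join(bytes.fromhex(a[2:]).rjust(WORD, b"\0") for a in addrs)

    req, opt = arr(cfg.required_dvns), arr(cfg.optional_dvns)
    head = 6 * WORD  # six head words precede the two dynamic arrays
    body = (u(cfg.confirmations) + u(cfg.required_dvn_count) + u(cfg.optional_dvn_count)
            + u(cfg.optional_dvn_threshold) + u(head) + u(head + len(req)) + req + opt)
    return u(WORD) + body


def grade_pathway(cfg: UlnConfig) -> Tuple[str, str]:
    """RED when one DVN can pass a message alone (covers the page's 1/1 rule
    and the equivalent 0 required + 1-of-N optional), or when the DVN list
    repeats an address so the nominal M overstates the real verifier set."""
    needed = cfg.required_dvn_count + cfg.optional_dvn_threshold
    distinct = len(set(cfg.required_dvns + cfg.optional_dvns))
    summary = (f"{cfg.required_dvn_count} required + {cfg.optional_dvn_threshold}-of-"
               f"{cfg.optional_dvn_count} optional, {distinct} distinct DVN(s)")
    if needed <= 1:
        return "red", summary
    if distinct < needed:
        return "red", summary + " (duplicate DVN addresses)"
    return "ok", summary


# Constructed fixtures; placeholder DVN addresses.
ONE_OF_ONE = encode_uln_config(UlnConfig(15, 1, 0, 0, ["0x" + "11" * 20], []))
HARDENED = encode_uln_config(
    UlnConfig(15, 1, 2, 1, ["0x" + "11" * 20], ["0x" + "22" * 20, "0x" + "33" * 20]))

if __name__ == "__main__":
    for name, blob in (("1/1", ONE_OF_ONE), ("1 + 1-of-2", HARDENED)):
        print(name, grade_pathway(decode_uln_config(blob)))
```

Against the live chain, the input to decode_uln_config is the hex returned by `cast call <receive-library> "getUlnConfig(address,uint32)" <L1OFTAdapter> <remoteEid>` on Ethereum, run once per remote EID listed above; the call itself is omitted because it needs an RPC endpoint. The "ok" verdict only says the threshold is above one; operator diversity and co-hosting (RD-F-150, RD-F-156) still have to be judged from the decoded addresses.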
RD-F-147 green Protocol has bridge surface Yes — USD0 uses LayerZero OFT with L1OFTAdapter at 0xE14C486b93C3B62F76F88cf8FE4B36fb672f3B26 (Ethereum). USUAL token uses Chainlink CCIP (burn-and-mint) for Base and BNB Chain. Both surfaces confirmed by profile, Etherscan label, and Usual blog. Pipeline layerzero_bridge=false is a confirmed false negative.
RD-F-151 green Bridge ecrecover checks result ≠ address(0) L1OFTAdapter (0xE14C486b93C3B62F76F88cf8FE4B36fb672f3B26) does NOT use ecrecover internally. Message authentication is entirely delegated to LayerZero Endpoint V2. The adapter performs peer validation via isPeer() checks (source chain + peer address binding) but no direct signature verification. Wormhole-class ecrecover-zero-return vulnerability is not present in the OFT adapter code path. Endpoint V2 itself (0x1a44076050125825900e736c501f859c50fe728c) is a hardened protocol layer that handles signature/DVN verification.
RD-F-152 green Bridge binds message to srcChainId LayerZero V2 messages include source EID (endpoint identifier, chain-specific). OFT adapter validates source chain + peer address via isPeer() binding. Cross-chain replay to different source chain is prevented by EID binding at the protocol level. CCIP uses lane-based architecture (source+destination chain pair) for equivalent binding.
RD-F-153 green Bridge tracks nonce-consumed mapping LayerZero V2 Endpoint tracks message nonces internally at the protocol level. OFT adapter inherits this — messages cannot be replayed because the endpoint marks nonces as executed. This is a LayerZero protocol-level guarantee. The KelpDAO attack used a synthetic (new) message, not a replay — nonce tracking still functioned correctly.
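The three green factors above (peer binding in RD-F-151, source-EID binding in RD-F-152, nonce tracking in RD-F-153) and the caveat in the last one are easier to see in a runnable model. The block below is an added toy model, not LayerZero's or Usual's code; the class and method names (Origin, OFTAdapter.lz_receive, Endpoint.verify/deliver) are simplifications of the V2 receive path, the DVN threshold is collapsed to a count of attestations, and the peer bytes, payload hash and amounts are constructed. The EIDs 30110 and 30184 are the Arbitrum and Base ids named on this page.

```python
"""Toy model of the checks behind RD-F-151/152/153 on a LayerZero-style receive path."""
from dataclasses import dataclass
from typing import Dict, Set, Tuple


@dataclass(frozen=True)
class Origin:
    src_eid: int    # endpoint id of the source chain
    sender: bytes   # bytes32 address of the sending OApp
    nonce: int      # channel nonce for (receiver, src_eid, sender)


class OFTAdapter:
    """Receiver: the adapter's own check is peer binding (chain id and sender together)."""

    def __init__(self) -> None:
        self.peers: Dict[int, bytes] = {}
        self.credits: Dict[str, int] = {}

    def set_peer(self, eid: int, peer: bytes) -> None:
        self.peers[eid] = peer

    def is_peer(self, eid: int, sender: bytes) -> bool:
        # A valid peer address arriving under a different src_eid does not match.
        return self.peers.get(eid) == sender

    def lz_receive(self, origin: Origin, to: str, amount: int) -> None:
        if not self.is_peer(origin.src_eid, origin.sender):
            raise PermissionError("OnlyPeer")
        self.credits[to] = self.credits.get(to, 0) + amount


class Endpoint:
    """Endpoint: DVN-threshold verification, then one-shot execution per nonce."""

    def __init__(self, dvn_threshold: int) -> None:
        self.dvn_threshold = dvn_threshold
        self.verified: Set[Tuple[int, bytes, int, bytes]] = set()
        self.executed: Set[Tuple[int, bytes, int]] = set()

    def verify(self, origin: Origin, payload_hash: bytes, attestations: int) -> None:
        # The ULN counts DVN verifications against the configured threshold;
        # under a 1/1 config a single DVN's word is enough.
        if attestations < self.dvn_threshold:
            raise PermissionError("Verifying")
        self.verified.add((origin.src_eid, origin.sender, origin.nonce, payload_hash))

    def deliver(self, rx: OFTAdapter, origin: Origin, payload_hash: bytes, to: str, amount: int) -> None:
        if (origin.src_eid, origin.sender, origin.nonce, payload_hash) not in self.verified:
            raise PermissionError("PayloadHashNotFound")
        key = (origin.src_eid, origin.sender, origin.nonce)
        if key in self.executed:
            raise PermissionError("AlreadyExecuted")  # replay of a consumed nonce
        rx.lz_receive(origin, to, amount)
        self.executed.add(key)


def run_scenarios() -> Tuple[Dict[str, str], Dict[str, int]]:
    """Constructed scenarios against a 1/1 endpoint; returns outcomes and resulting credits."""
    peer = b"\x00" * 12 + b"\xaa" * 20   # placeholder bytes32 peer, not a real address
    arbitrum, base = 30110, 30184
    payload = b"\x01" * 32               # placeholder payload hash
    ep, rx = Endpoint(dvn_threshold=1), OFTAdapter()
    rx.set_peer(arbitrum, peer)
    results: Dict[str, str] = {}

    def attempt(name: str, origin: Origin, attestations: int, to: str = "user") -> None:
        try:
            ep.verify(origin, payload, attestations)
            ep.deliver(rx, origin, payload, to, 100)
            results[name] = "credited"
        except PermissionError as exc:
            results[name] = str(exc)

    attempt("legit", Origin(arbitrum, peer, 1), attestations=1)
    attempt("replay_same_nonce", Origin(arbitrum, peer, 1), attestations=1)
    attempt("peer_from_wrong_eid", Origin(base, peer, 1), attestations=1)
    # A forged message with a fresh nonce passes both the peer and the nonce
    # checks: only the DVN threshold stands between it and the credit.
    attempt("forged_fresh_nonce", Origin(arbitrum, peer, 2), attestations=1, to="attacker")
    try:
        Endpoint(dvn_threshold=2).verify(Origin(arbitrum, peer, 2), payload, attestations=1)
        results["forged_vs_threshold_2"] = "verified"
    except PermissionError as exc:
        results["forged_vs_threshold_2"] = str(exc)
    return results, rx.credits


if __name__ == "__main__":
    print(run_scenarios())
```

The "forged_fresh_nonce" case is the point of RD-F-153's caveat: peer and nonce checks reject replays and cross-chain confusion but say nothing about whether the message was ever sent, which is why the DVN configuration in RD-F-179 carries the weight.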
Threat intelligence & recon Green 13 8 of 8
RD-F-161 yellow Protocol-impersonator domain registered (typosquat) Protocol brand profile warrants elevated typosquat risk: $104.77M current TVL, $1.87B 12-month peak, USUAL token airdrop campaign in late 2024 (a prime impersonation trigger), and high-profile January 2025 depeg event generating significant community attention. WHOIS/domain registration monitoring is not available via web search alone (DomainTools API not accessible). No confirmed typosquat of usual.money identified in public sources, but static assessment cannot verify absence of recent registrations. Per process-learnings: top-20 DeFi brands are 'almost always elevated findings' on F161. Yellow reflects elevated structural risk without confirmed active registration.
RD-F-163 yellow Avg attacker reconnaissance time for peer-class protocols Sector baseline: DPRK/Lazarus reconnaissance window is 30–78 days for large cross-chain bridge+stablecoin targets (USPD class). Usual combines two high-DPRK-interest surfaces: (1) LayerZero OFT bridge adapter on Ethereum with $100M+ TVL backing, and (2) stablecoin with Curve pool surface — matching the Kelp DAO (April 2026, $292M via LayerZero DVN) attack class profile. No active reconnaissance attributed to Usual in public sources. Yellow reflects elevated structural risk given the dual-surface profile (OFT adapter + large stablecoin brand), not confirmed reconnaissance.
RD-F-159 gray Attacker wallet pre-strike probe (low-gas failing txs) Mempool probe detection (attacker wallet sending low-gas failing txs to protocol as pre-strike testing) requires live mempool monitoring against a curated threat-actor cluster list. Neither the mempool listener nor the threat-actor cluster feed is available in static assessment. Cannot confirm or deny from public sources.
RD-F-164 gray Leaked credential on paste/sentry site Detection of leaked credentials on paste/sentry sites requires access to credential-dump monitoring feeds (e.g., HaveIBeenPwned enterprise, Sentry alternative services). These are not available in static assessment. Cannot confirm or deny credential exposure for Usual infra. Curator-only manual triage required.
RD-F-165 gray Protocol social channel has scam-coordinator flag Detection of scam-coordinator flags in Usual's Discord/Telegram requires access to curator social-media watchlist. No public reports of scam-coordinator activity in Usual protocol channels found. Cannot verify from public sources alone. Curator manual triage required per T-08 methodology.
RD-F-158 green Known-threat-actor cluster has touched protocol No public reports of threat-actor-labeled wallet (Lazarus/DPRK cluster or other curated threat-actor list member) interactions with Usual core contracts in trailing 30 days. Rekt.news database and DefiLlama hacks contain no Usual entries. Web search for Usual + Lazarus/DPRK returns no results. January 2025 depeg was an economic/governance failure with no attacker wallet involved. Per U4 instruction: any attacker routing through USD0/Curve pools = yellow Cat 11 classification, NOT team contamination per F124/F125. No such routing identified.
RD-F-160 green GitHub malicious-dependency incident touching protocol deps No GitHub security advisory or npm malicious-release flag for OpenZeppelin upgradeable contracts or LayerZero V2 libraries has been publicly reported in the trailing 90-day window. OpenZeppelin is actively maintained (OZ v5.x current); LayerZero V2 has been audited. No supply-chain compromise advisory affecting Usual's documented dependencies identified.
RD-F-162 green Known-exploit-template selector deployed by any address No known-exploit template specifically targeting RWA stablecoin protocols with a DaoCollateral+SwapperEngine architecture has been publicly deployed and documented. The January 2025 depeg was an economic/governance failure requiring no on-chain exploit template — the selector patterns themselves were not the attack vector. No public reports of exploit-template contracts targeting Usual's specific function selectors.
Tooling / compiler / AI Green 0 5 of 5
RD-F-172 gray Repo shows AI-tool co-authorship in critical files Private 'pegasus' repo means commit history and co-authored-by metadata are inaccessible. No public disclosure of AI tool usage found in Usual Labs blog, tech docs, or audit summaries. Cannot confirm or deny AI tool co-authorship.
RD-F-170 green Solc version used (known-bug versions flagged) Core contracts: Solidity v0.8.20+commit.a1b79de6, Shanghai EVM, optimization 200 runs. L1OFTAdapter: v0.8.22+commit.4fc1097e, Paris EVM, optimization 200 runs. Neither version on known-bug list. TransientStorageClearingHelperCollision (high-severity, 0.8.28–0.8.33) not applicable.
RD-F-171 green Bytecode similarity to audited upstream with behavior deviation Usual is an original design with no meaningful upstream to compare against. Contracts use OZ standard library patterns (expected). No AI-copy risk pattern detectable. Private repo limits this assessment but the protocol's original architecture and 7-firm audit program would surface AI-copy bytecode deviations.
RD-F-173 green Team self-disclosure of AI-generated Solidity No public disclosure of AI-generated Solidity found. Usual Labs blog and tech docs contain no mention. L1OFTAdapter Etherscan analysis found 'no indicators of AI-generated code' and 'conventional professional smart contract patterns.'
RD-F-174 green Dependency tree uses EOL Solidity version Solidity 0.8.20 and 0.8.22 are NOT EOL. They are in the active 0.8.x maintenance series receiving security patches. OZ upgradeable contracts compiled at 0.8.20 are actively maintained.
Response & disclosure hygiene Green 8 4 of 4
RD-F-176 yellow Disclosure SLA public No public acknowledgment-time SLA found. Sherlock bug-bounty page does not state a specific SLA (e.g., 72h acknowledgment). tech.usual.money/security-and-audits/bug-bounty page does not specify a response timeline. security@usual.company contact exists but has no published SLA. Sherlock's platform standard triage terms apply but are not Usual-specific commitments. Scored yellow: disclosure channel exists (F175 green) but SLA not published.
RD-F-175 green Disclosure channel exists Active public disclosure channel exists: (1) Sherlock bug bounty program at audits.sherlock.xyz/bug-bounties/56 — live since 2025-04-08, max payout $16M USDC, Sherlock handles triage independently of Usual Labs; (2) security@usual.company email contact published at tech.usual.money. The Sherlock program covers core stablecoin protocol, RWA wrapper contracts, and token distribution modules on Ethereum mainnet. Both channels are verifiable.
RD-F-177 green Prior known-ignored disclosure No evidence that a disclosed vulnerability was reported to Usual Labs and not actioned before an exploit. The May 2025 exploit was auto-detected by BlockSec Phalcon (not a researcher disclosure that was ignored — the vulnerability was unknown before execution). The January 2025 operational event was a deliberate governance/economic-design parameter change, not a case of an ignored security disclosure. No post-mortem describes an ignored vulnerability report. Searched: hacksdatabase (no Usual file), rekt.news (no Usual entry), web OSINT.
RD-F-178 green CVE/GHSA advisory issued against protocol No CVE, GHSA, or equivalent public security advisory found for Usual protocol. Web search for 'Usual Money CVE GHSA security advisory 2024 2025' returned no relevant results. The main pegasus contracts repository is private (github.com/usual-dao), so auto-GHSA generation via GitHub's advisory database does not apply. The 6 public repos under usual-dao are all integration forks (DEX, DefiLlama) without security advisories related to Usual's core protocol.
rubric_version v1.7.0 graded_at 2026-05-16 22:00:02 factors 184 protocol usual